Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
random.exe

Overview

General Information

Sample name:random.exe
Analysis ID:1615904
MD5:bca58035430238fde9990df16040d699
SHA1:12e1f30c10f8d228e70d28bd6e315679d91aa46e
SHA256:6c64e6e99e9173fd2233d7f6afe27d80d47a377eaa624ee1ca7cc0df803c5cbb
Tags:CredentialFlusherexeuser-aachum
Infos:

Detection

Credential Flusher
Score:76
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Credential Flusher
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Joe Sandbox ML detected suspicious sample
Connects to many different domains
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected non-DNS traffic on DNS port
Detected potential crypto function
Drops PE files
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes

Classification

Process Tree

  • System is w10x64
  • random.exe (PID: 2432 cmdline: "C:\Users\user\Desktop\random.exe" MD5: BCA58035430238FDE9990DF16040D699)
    • taskkill.exe (PID: 3984 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 4828 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 6916 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 3052 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 6368 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 2268 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 6980 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 1968 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 5448 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6008 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 5988 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 6524 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 1588 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 1948 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2220 -prefMapHandle 2212 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c9fbe32b-4c03-4d39-93db-854142882339} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee61071110 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 2024 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4116 -parentBuildID 20230927232528 -prefsHandle 3996 -prefMapHandle 4000 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {98ef1f0c-9b53-4068-86ae-42f53ec98957} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee71479110 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7820 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4456 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 4472 -prefMapHandle 4564 -prefsLen 33076 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {127eaadf-f0b2-40e6-aa1b-0559c96af4d0} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee79169d10 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: random.exe PID: 2432JoeSecurity_CredentialFlusherYara detected Credential FlusherJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: random.exeAvira: detected
    Multi AV Scanner detection for submitted file
    Source: random.exeReversingLabs: Detection: 29%
    Source: random.exeVirustotal: Detection: 30%Perma Link
    Joe Sandbox ML detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.2% probability
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49786 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:49802 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:49812 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49847 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:49895 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:49896 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:49982 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.193.91:443 -> 192.168.2.6:49984 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49981 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49988 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49990 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:49992 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49989 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56398 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56399 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56403 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56400 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56401 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56402 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56404 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56404 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56405 version: TLS 1.2
    Source: Binary string: webauthn.pdb source: firefox.exe, 0000000E.00000003.2385012290.000001EE75156000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000E.00000003.2399600054.000001EE6E9A3000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: ktmw32.pdb source: firefox.exe, 0000000E.00000003.2391825603.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2393829428.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2392776545.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000E.00000003.2399600054.000001EE6E9A3000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: npmproxy.pdbUGP source: firefox.exe, 0000000E.00000003.2400880018.000001EE6E9A3000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000E.00000003.2397348606.000001EE75101000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000E.00000003.2385012290.000001EE75156000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: npmproxy.pdb source: firefox.exe, 0000000E.00000003.2400880018.000001EE6E9A3000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: ktmw32.pdbGCTL source: firefox.exe, 0000000E.00000003.2391825603.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2393829428.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2392776545.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000E.00000003.2397348606.000001EE75101000.00000004.00000020.00020000.00000000.sdmp
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005ADBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_005ADBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057C2A2 FindFirstFileExW,0_2_0057C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B68EE FindFirstFileW,FindClose,0_2_005B68EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_005B698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005AD076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_005AD076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005AD3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_005AD3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B9642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_005B9642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_005B979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B9B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_005B9B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B5C97 FindFirstFileW,FindNextFileW,FindClose,0_2_005B5C97
    Source: firefox.exeMemory has grown: Private usage: 1MB later: 191MB
    Source: unknownNetwork traffic detected: DNS query count 33
    Source: global trafficTCP traffic: 192.168.2.6:63567 -> 1.1.1.1:53
    Source: global trafficTCP traffic: 192.168.2.6:56392 -> 162.159.36.2:53
    Source: Joe Sandbox ViewIP Address: 2.22.61.56 2.22.61.56
    Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
    Source: Joe Sandbox ViewIP Address: 34.49.51.44 34.49.51.44
    Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
    Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
    Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
    Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005BCE44 InternetReadFile,SetEvent,GetLastError,SetEvent,0_2_005BCE44
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKLast-Modified: Fri, 07 Feb 2025 06:55:57 GMTETag: 85430baed3398695717b0263807cf97cContent-Length: 453023Accept-Ranges: bytesX-Timestamp: 1738911356.44453Content-Type: application/zipX-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1Cache-Control: public, max-age=245629Expires: Tue, 18 Feb 2025 12:52:23 GMTDate: Sat, 15 Feb 2025 16:38:34 GMTConnection: keep-aliveData Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 8e 6f 7e 76 61 a8 ac 9f b9 d9 3c 5a 97 c6 31 2e 23 c3 8c 4f a0 65 19 99 a3 19 c6 44 93 eb 58 fc 8b 69 1d c3 24 69 6d 42 57 c6 c3 51 26 be ba c1 04 b7 cb d9 50 a3 d0 e5 c2 bc 9a 2c 4d e4 98 2c a8 bd 3a 89 63 ac d1 cc 2d e5 98 0d 12 5c 9f e5 98 ce 1b e1 fa 2a c7 d4 01 8a ce 2d 69 cc 9c 4b 8c 49 f6 d6 34 86 61 a3 0a 36 18 99 2a dd c5 eb 4f 76 3d b6 d2 05 57 cb d3 46 b5 43 48 bb 3e b6 8e 99 61 ca 27 af 78 f4 11 d7 23 40 66 8d 8e c2 64 d6 c1 75 a5 31 a6 9e 0d fe 4f 56 ab 31 6f 7d 1b 09 84 0e 67 c2 35 90 16 5f cf 33 b9 4a ad 48 69 04 5a 99 69 70 4d e7 2e 84 b7 62 b9 5a 11 86 81 f9 25 dc 47 94 8b 46 aa f7 d8 d2 e5 15 0c e5 11 f2 8a d2 f2 f8 05 f5 0a 2f ce 89 ff 33 ff 71 9b d9 4a af c7 d0 f2 b6 f6 6f de 03 b3 25 f7 67 d9 4e d2 2a 91 7d 12 d9 29 c9 33 0d 4e 25 f1 21 b7 91 71 2a a9 0b e0 e2 eb b8 8b 81 b4 f1 5e 49 9e 6d 90 c8 7e 07 09 f8 36 dd 85 23 e9 7e 2b fb c1 87 17 85 41 d1 7f 12 49 5d 72 03 c7 e4 78 b4 e2 b9 2a 82 3c 49 59 6a c9 96 da ec cc 70 30 18 8c 60 53 ae 4d 40 14 45 f7 8f 66 ea 3d ae 3b 21 cf 40 1e b0 f8 be 0d 45 c4 bb 05 45 bb be a3 fa 9e ad 1b 20 e1 9b 9c 30 1a 6e da 03 12 f1 4a 64 c8 b7 1c 64 d2 7f fd d6 06 bc 75 4d ec 2d 94 71 49 c6 6c 52 8e 07 7a 9a 07 3d 7d a8 a5 72 83 44 e6 58 4c 5a a7 ac 92 f2 78 b6 24 97 04 7c 63 a1 31 d2 63 55 6b 4d e6 26 d6 51 6e 5d ac fe 61 5d 74 fd 68 fa a1 2a d4 b4 21 b9 36 20 37 80 e4 4a 64 af 44 76 4b 4a 22 57 67 64 2a 25 6e 99 07 d2 bf 77 ab e9 f6 4a 6e 69 fb 69 6e 6d 72 9b 40 4d 85 24 27 5a c7 73 8c 04 ec 18 23 29 25 Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1Host: ciscobinary.openh264.orgUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: firefox.exe, 0000000E.00000003.2435388126.0000123336704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: )*://www.facebook.com/*Zysl equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2435126989.00003F96D3703000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: )*://www.youtube.com/*Zysl equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2435388126.0000123336704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: )www.facebook.comZysl equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2435388126.0000123336704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2435388126.0000123336704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/*Zysl equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2317072156.000001EE73695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2435126989.00003F96D3703000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.youtube.com/* equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2435126989.00003F96D3703000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.youtube.com/*Zysl equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2379233232.000001EE7D0F2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2438402118.000001EE7D196000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2378397958.000001EE7D196000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2455607158.000001EE7D6CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.youtube.com/* equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451474520.000001EE747AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2381207211.000001EE7A22B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379233232.000001EE7D0F2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE72496000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2465770044.000001EE7DD25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2293864107.000001EE73C51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473278422.000001EE73C4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2458908999.000001EE73C37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2293864107.000001EE73C51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473278422.000001EE73C4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2458908999.000001EE73C37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451474520.000001EE747AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 00000012.00000002.4056352239.000001E504D0A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB70C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 00000012.00000002.4056352239.000001E504D0A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB70C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 00000012.00000002.4056352239.000001E504D0A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB70C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2381207211.000001EE7A22B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473682299.000001EE738C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379233232.000001EE7D0F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2435388126.0000123336704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.comZysl equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2465770044.000001EE7DD25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2483360866.000001EE7C7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com- equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE72487000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2459908255.000001EE736C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE72419000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
    Source: global trafficDNS traffic detected: DNS query: youtube.com
    Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
    Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
    Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: example.org
    Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
    Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: shavar.prod.mozaws.net
    Source: global trafficDNS traffic detected: DNS query: support.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: us-west1.prod.sumo.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: www.youtube.com
    Source: global trafficDNS traffic detected: DNS query: www.facebook.com
    Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
    Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
    Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
    Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
    Source: global trafficDNS traffic detected: DNS query: www.reddit.com
    Source: global trafficDNS traffic detected: DNS query: twitter.com
    Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
    Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: normandy.tombstone.experimenter.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: a19.dscg10.akamai.net
    Source: firefox.exe, 0000000E.00000003.2496357966.000001EE7272E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
    Source: firefox.exe, 0000000E.00000003.2463348557.000001EE793CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.0/
    Source: firefox.exe, 0000000E.00000003.2463348557.000001EE793CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
    Source: firefox.exe, 0000000E.00000003.2463348557.000001EE793CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
    Source: firefox.exe, 0000000E.00000003.2463348557.000001EE793CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
    Source: firefox.exe, 0000000E.00000003.2442451801.000001EE7DD5C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/
    Source: firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2498451606.000001EE7975C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
    Source: firefox.exe, 0000000E.00000003.2455847135.000001EE7D19D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2442451801.000001EE7DD5C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
    Source: firefox.exe, 0000000E.00000003.2470927765.000001EE79675000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
    Source: firefox.exe, 0000000E.00000003.2458413611.000001EE73CD4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293864107.000001EE73CD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.comP
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
    Source: firefox.exe, 0000000E.00000003.2401314880.000001EE72C3A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
    Source: firefox.exe, 0000000E.00000003.2437309660.000014523E303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/
    Source: firefox.exe, 0000000E.00000003.2435616759.000004051C903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/0
    Source: firefox.exe, 0000000E.00000003.2357228520.000001EE74DB4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2432101297.000001EE7167A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2441972096.000001EE7319E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2441721673.000001EE73212000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2383857337.000001EE732E0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2384187293.000001EE73256000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2392875478.000001EE6E7D2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2404540226.000001EE72FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2403928138.000001EE7311B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2271402982.000001EE6E7DF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2432101297.000001EE71668000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2423384120.000001EE73259000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2485090808.000001EE729F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2389534013.000001EE71663000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2450165564.000001EE7924C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2425397499.000001EE7321F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2352357721.000001EE7328B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2454640414.000001EE7165D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2500771610.000001EE71EA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2405054723.000001EE72F7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2442515255.000001EE73293000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
    Source: firefox.exe, 0000000E.00000003.2435616759.000004051C903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/Zysl
    Source: firefox.exe, 0000000E.00000003.2437556303.00003D1006703000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2437309660.000014523E303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/l
    Source: firefox.exe, 0000000E.00000003.2437556303.00003D1006703000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/t
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.digicert.com0C
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.digicert.com0N
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.thawte.com0
    Source: firefox.exe, 0000000E.00000003.2382440806.000001EE792AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0.
    Source: firefox.exe, 0000000E.00000003.2382440806.000001EE792AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0W
    Source: firefox.exe, 0000000E.00000003.2382440806.000001EE792AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://www.mozilla.com0
    Source: firefox.exe, 0000000E.00000003.2470009260.000001EE7B85F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-updatex
    Source: firefox.exe, 0000000E.00000003.2463348557.000001EE793CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2006/browser/search/
    Source: firefox.exe, 0000000E.00000003.2474166958.000001EE73774000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2459530512.000001EE7375B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2459908255.000001EE736B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
    Source: mozilla-temp-41.14.drString found in binary or memory: http://www.videolan.org/x264.html
    Source: firefox.exe, 0000000E.00000003.2382440806.000001EE792AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
    Source: firefox.exe, 0000000E.00000003.2382440806.000001EE792AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
    Source: firefox.exe, 0000000E.00000003.2316682203.000001EE797E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://youtube.com/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
    Source: firefox.exe, 0000000E.00000003.2473682299.000001EE738C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://MD8.mozilla.org/1/m
    Source: firefox.exe, 0000000E.00000003.2265564993.000001EE70F00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265741112.000001EE6EB0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2266127194.000001EE6EB52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
    Source: firefox.exe, 0000000E.00000003.2493369793.000001EE7D066000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D05A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
    Source: firefox.exe, 0000000E.00000003.2464318248.000001EE79204000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
    Source: firefox.exe, 0000000E.00000003.2316251199.000001EE7ABAA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2483781411.000001EE7ABAA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2498015661.000001EE7ABAF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7ABAA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379830332.000001EE7ABAA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7ABAA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
    Source: firefox.exe, 0000000E.00000003.2382311996.000001EE792BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000E.00000003.2382311996.000001EE792BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwdp
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-users/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
    Source: firefox.exe, 0000000E.00000003.2483360866.000001EE7C7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/enhancer-for-youtube/
    Source: firefox.exe, 0000000E.00000003.2483360866.000001EE7C7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/
    Source: firefox.exe, 0000000E.00000003.2483360866.000001EE7C7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/
    Source: firefox.exe, 0000000E.00000003.2483360866.000001EE7C7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/to-google-translate/
    Source: firefox.exe, 0000000E.00000003.2483360866.000001EE7C7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/wikipedia-context-menu-search/
    Source: firefox.exe, 0000000E.00000003.2460006844.000001EE736AF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads-us.rd.linksynergy.com/as.php
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE72487000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2459908255.000001EE736C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE72419000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE724E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2317072156.000001EE73695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
    Source: firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://allegro.pl/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/a8bxj8j?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
    Source: firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2463298452.000001EE79623000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
    Source: firefox.exe, 0000000E.00000003.2493077580.000001EE7D08B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473682299.000001EE738AB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496028826.000001EE727DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
    Source: firefox.exe, 00000010.00000002.4056829027.0000024345CCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504DEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4059182345.00000200CB903000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189.
    Source: firefox.exe, 00000010.00000002.4056829027.0000024345CCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504DEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4059182345.00000200CB903000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696484494400800000.1&ci=1696484494189.12791&cta
    Source: firefox.exe, 0000000E.00000003.2439329306.000001EE7D05A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
    Source: firefox.exe, 0000000E.00000003.2363796106.000001EE72A20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266
    Source: firefox.exe, 0000000E.00000003.2363796106.000001EE72A20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362996583.000001EE72A1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1193802
    Source: firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362169912.000001EE72A07000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363256449.000001EE728BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
    Source: firefox.exe, 0000000E.00000003.2362169912.000001EE72A07000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220
    Source: firefox.exe, 0000000E.00000003.2363796106.000001EE72A20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
    Source: firefox.exe, 0000000E.00000003.2363796106.000001EE72A20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362996583.000001EE72A1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448
    Source: firefox.exe, 0000000E.00000003.2441972096.000001EE7319E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1694699#c21
    Source: firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=792480
    Source: firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362169912.000001EE72A07000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363256449.000001EE728BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
    Source: firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362169912.000001EE72A07000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363256449.000001EE728BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=840161
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
    Source: firefox.exe, 0000000E.00000003.2265564993.000001EE70F00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265741112.000001EE6EB0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2266127194.000001EE6EB52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
    Source: firefox.exe, 0000000E.00000003.2451474520.000001EE747E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
    Source: firefox.exe, 00000010.00000002.4056829027.0000024345CCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504DEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4059182345.00000200CB903000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
    Source: firefox.exe, 00000010.00000002.4056829027.0000024345CCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504DEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4059182345.00000200CB903000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
    Source: firefox.exe, 0000000E.00000003.2295021512.000001EE738CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2499801184.000001EE738C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2295077018.000001EE738C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2473649352.000001EE738CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2473649352.000001EE738CF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
    Source: firefox.exe, 0000000E.00000003.2460006844.000001EE736AF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnored
    Source: firefox.exe, 0000000E.00000003.2326920435.000001EE732D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2359279168.000001EE732D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2318615169.000001EE732D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2383857337.000001EE732D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
    Source: firefox.exe, 0000000E.00000003.2265564993.000001EE70F00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265741112.000001EE6EB0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2474731327.000001EE73683000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2460447284.000001EE73681000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2424654007.000001EE7A32E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2266127194.000001EE6EB52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2460191555.000001EE736A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2474603426.000001EE736A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2403023942.000001EE7A32E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
    Source: firefox.exe, 0000000E.00000003.2382543008.000001EE79288000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?t=ffab&q=
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74B1A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504D12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB713000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000003.2308477242.000001EE72C3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2304522057.000001EE72C31000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/673d2808-e5d8-41b9-957
    Source: firefox.exe, 0000000E.00000003.2304522057.000001EE72C35000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2308418199.000001EE72C52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2308504631.000001EE72C5C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
    Source: firefox.exe, 0000000E.00000003.2295127667.000001EE729F8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/performance/scroll-linked_effects.html
    Source: firefox.exe, 0000000E.00000003.2493206941.000001EE7D084000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2471013509.000001EE79364000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2468421001.000001EE7D14C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74B1A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504D12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB713000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
    Source: firefox.exe, 00000014.00000002.4056160514.00000200CB7C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
    Source: firefox.exe, 00000014.00000002.4056160514.00000200CB7C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
    Source: firefox.exe, 00000014.00000002.4056160514.00000200CB730000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
    Source: firefox.exe, 00000014.00000002.4056160514.00000200CB7C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
    Source: firefox.exe, 0000000E.00000003.2463660050.000001EE7937E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
    Source: firefox.exe, 00000014.00000002.4056160514.00000200CB7C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
    Source: firefox.exe, 0000000E.00000003.2394045508.000001EE74DE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288938633.000001EE74DEF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2354369550.000001EE74DE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357228520.000001EE74DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
    Source: firefox.exe, 0000000E.00000003.2394045508.000001EE74DE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288938633.000001EE74DEF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2354369550.000001EE74DE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357228520.000001EE74DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
    Source: firefox.exe, 0000000E.00000003.2265564993.000001EE70F00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265741112.000001EE6EB0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
    Source: firefox.exe, 0000000E.00000003.2378397958.000001EE7D1A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2483956770.000001EE7AB8F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
    Source: firefox.exe, 0000000E.00000003.2435616759.000004051C903000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2440321388.000001EE7AA7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
    Source: firefox.exe, 0000000E.00000003.2439329306.000001EE7D041000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
    Source: firefox.exe, 0000000E.00000003.2484166207.000001EE7AA42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2380620120.000001EE7AA3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
    Source: firefox.exe, 0000000E.00000003.2439329306.000001EE7D041000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
    Source: firefox.exe, 0000000E.00000003.2439329306.000001EE7D041000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
    Source: firefox.exe, 0000000E.00000003.2439329306.000001EE7D041000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
    Source: firefox.exe, 0000000E.00000003.2439329306.000001EE7D041000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
    Source: firefox.exe, 0000000E.00000003.2463660050.000001EE7937E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
    Source: prefs-1.js.14.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
    Source: firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2472719886.000001EE74B0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504D88000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB7F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
    Source: firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/events/1/3d4ac6f1-2b22-4eb0-9880-8270e
    Source: firefox.exe, 0000000E.00000003.2455607158.000001EE7D6DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/metrics/1/fd4e1ddd-2738-4e30-9308-56ad
    Source: firefox.exe, 0000000E.00000003.2475230132.000001EE73612000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/834260a2-7142-40b7
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2316682203.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2470625384.000001EE797C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2449211826.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302450826.000001EE797C0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462830826.000001EE797C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
    Source: firefox.exe, 0000000E.00000003.2405054723.000001EE72F8C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.li
    Source: firefox.exe, 0000000E.00000003.2460006844.000001EE736AF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
    Source: firefox.exe, 00000012.00000002.4056352239.000001E504D86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB78F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
    Source: firefox.exe, 0000000E.00000003.2379233232.000001EE7D0F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2438223477.000001EE7D1E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
    Source: firefox.exe, 0000000E.00000003.2496028826.000001EE727DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
    Source: firefox.exe, 0000000E.00000003.2473610028.000001EE738D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
    Source: firefox.exe, 0000000E.00000003.2326920435.000001EE732D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2359279168.000001EE732D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2318615169.000001EE732D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2383857337.000001EE732D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
    Source: firefox.exe, 0000000E.00000003.2501056072.000001EE71E94000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
    Source: firefox.exe, 0000000E.00000003.2382031130.000001EE79675000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2470927765.000001EE79675000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000E.00000003.2499361195.000001EE79319000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2470810226.000001EE796CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000E.00000003.2317072156.000001EE73695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svg
    Source: firefox.exe, 0000000E.00000003.2317072156.000001EE73695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svg
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
    Source: firefox.exe, 0000000E.00000003.2316990862.000001EE796C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2450057515.000001EE7926C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
    Source: firefox.exe, 0000000E.00000003.2464318248.000001EE79204000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74B1A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504D12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB713000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
    Source: firefox.exe, 0000000E.00000003.2464318248.000001EE79204000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2499801184.000001EE738C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2295077018.000001EE738C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2472719886.000001EE74B0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504D88000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB7F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
    Source: firefox.exe, 00000014.00000002.4056160514.00000200CB7F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/useru
    Source: firefox.exe, 0000000E.00000003.2381207211.000001EE7A2A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE724E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456670552.000001EE7A2A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2317072156.000001EE73695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE72487000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE72419000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2381207211.000001EE7A2A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE724E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456670552.000001EE7A2A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2317072156.000001EE73695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
    Source: places.sqlite-wal.14.drString found in binary or memory: https://support.mozilla.org
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-user-removal
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
    Source: firefox.exe, 0000000E.00000003.2308477242.000001EE72C3F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-def
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
    Source: firefox.exe, 0000000E.00000003.2468421001.000001EE7D14C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293864107.000001EE73C13000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2485419894.000001EE727F5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
    Source: firefox.exe, 0000000E.00000003.2443203202.000001EE7A2D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2381032083.000001EE7A2D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/firefox-relay-integration
    Source: firefox.exe, 0000000E.00000003.2317072156.000001EE736D7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
    Source: firefox.exe, 0000000E.00000003.2460847622.000001EE7B2BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456136946.000001EE7B2CE000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaPlatformDecoderNotFound
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaWMFNeeded
    Source: firefox.exe, 0000000E.00000003.2389219113.000001EE719A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
    Source: firefox.exe, 0000000E.00000003.2451474520.000001EE74773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
    Source: firefox.exe, 0000000E.00000003.2460847622.000001EE7B2BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456136946.000001EE7B2CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefox
    Source: places.sqlite-wal.14.drString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
    Source: firefox.exe, 0000000E.00000003.2451474520.000001EE747AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
    Source: firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316251199.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462448631.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2483956770.000001EE7AB8F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
    Source: firefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
    Source: firefox.exe, 0000000E.00000003.2472245727.000001EE74BC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
    Source: firefox.exe, 0000000E.00000003.2472245727.000001EE74BC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
    Source: firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.co.uk/
    Source: firefox.exe, 0000000E.00000003.2451474520.000001EE747AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/(
    Source: firefox.exe, 00000010.00000002.4056829027.0000024345CCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504DEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4059182345.00000200CB903000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_86277c656a4bd7d619968160e91c45fd066919bb3bd119b3
    Source: firefox.exe, 0000000E.00000003.2449211826.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2403023942.000001EE7A32E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
    Source: firefox.exe, 0000000E.00000003.2472245727.000001EE74BC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.de/
    Source: firefox.exe, 0000000E.00000003.2472245727.000001EE74BC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.fr/
    Source: firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.avito.ru/
    Source: firefox.exe, 0000000E.00000003.2293864107.000001EE73C51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473278422.000001EE73C4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2458908999.000001EE73C37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/
    Source: firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.bbc.co.uk/
    Source: firefox.exe, 0000000E.00000003.2293864107.000001EE73C51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473278422.000001EE73C4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2458908999.000001EE73C37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ctrip.com/
    Source: firefox.exe, 0000000E.00000003.2389039249.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: https://www.digicert.com/CPS0
    Source: firefox.exe, 0000000E.00000003.2293864107.000001EE73C51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473278422.000001EE73C4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2458908999.000001EE73C37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.co.uk/
    Source: firefox.exe, 0000000E.00000003.2472245727.000001EE74BC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.de/
    Source: firefox.exe, 0000000E.00000003.2293864107.000001EE73C51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473278422.000001EE73C4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2458908999.000001EE73C37000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
    Source: firefox.exe, 0000000E.00000003.2471458367.000001EE792C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2382311996.000001EE792BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
    Source: firefox.exe, 0000000E.00000003.2290604426.000001EE7951E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
    Source: firefox.exe, 0000000E.00000003.2316682203.000001EE797E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
    Source: firefox.exe, 0000000E.00000003.2475067911.000001EE73625000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265564993.000001EE70F00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265741112.000001EE6EB0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2424654007.000001EE7A32E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2266127194.000001EE6EB52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2403023942.000001EE7A32E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ifeng.com/
    Source: firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/
    Source: firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.leboncoin.fr/
    Source: firefox.exe, 0000000E.00000003.2475067911.000001EE73625000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mobilesuica.com/
    Source: firefox.exe, 0000000E.00000003.2301015181.000001EE7ABF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2494848310.000001EE7923F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316682203.000001EE797D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2495222616.000001EE7921F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2464318248.000001EE7921F000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2493778425.000001EE7978A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
    Source: firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2437309660.000014523E303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/Zysl
    Source: firefox.exe, 0000000E.00000003.2460847622.000001EE7B2BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456136946.000001EE7B2CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/
    Source: places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.
    Source: firefox.exe, 0000000E.00000003.2304522057.000001EE72C35000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2308418199.000001EE72C52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2308504631.000001EE72C5C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
    Source: firefox.exe, 0000000E.00000003.2483493164.000001EE7C7A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/anything/?
    Source: firefox.exe, 0000000E.00000003.2460847622.000001EE7B2BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456136946.000001EE7B2CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/
    Source: places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.
    Source: firefox.exe, 0000000E.00000003.2443203202.000001EE7A2D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2381032083.000001EE7A2D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/about/legal/terms/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2443203202.000001EE7A2D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2381032083.000001EE7A2D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2460847622.000001EE7B2BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456136946.000001EE7B2CE000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
    Source: firefox.exe, 0000000E.00000003.2483360866.000001EE7C7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-mod
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
    Source: firefox.exe, 00000012.00000002.4056352239.000001E504DC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB78F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
    Source: firefox.exe, 00000010.00000002.4056829027.0000024345CCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/7
    Source: firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 0000000E.00000003.2463591154.000001EE7939D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
    Source: firefox.exe, 0000000E.00000003.2472245727.000001EE74BC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.olx.pl/
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.openh264.org/
    Source: firefox.exe, 0000000E.00000003.2451474520.000001EE747AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
    Source: firefox.exe, 00000010.00000002.4056829027.0000024345CCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504DEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4059182345.00000200CB903000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_
    Source: firefox.exe, 0000000E.00000003.2435388126.0000123336704000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2438944650.000001EE7D0F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2499115713.000001EE79364000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379233232.000001EE7D0F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2471013509.000001EE79364000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
    Source: firefox.exe, 0000000E.00000003.2472245727.000001EE74BC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
    Source: firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473278422.000001EE73C4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2458908999.000001EE73C37000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504D0A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB70C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: firefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
    Source: firefox.exe, 0000000E.00000003.2459407032.000001EE737AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com
    Source: firefox.exe, 0000000E.00000003.2472807911.000001EE747AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451474520.000001EE747AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/
    Source: firefox.exe, 0000000E.00000003.2459623834.000001EE736DC000.00000004.00000800.00020000.00000000.sdmp, recovery.jsonlz4.tmp.14.drString found in binary or memory: https://youtube.com/account?=
    Source: firefox.exe, 00000014.00000002.4055045280.00000200CB530000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://ac
    Source: firefox.exe, 00000012.00000002.4055895476.000001E504BF0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://acB
    Source: firefox.exe, 0000000E.00000003.2498451606.000001EE7975C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4054976123.000002434582A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056354782.0000024345BE4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4054810218.000001E504B0A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4054810218.000001E504B00000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4055895476.000001E504BF4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4054658181.00000200CB3FA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4055045280.00000200CB534000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000C.00000002.2253427516.000001F9F72B9000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2260331449.0000023F292CF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd--no-default-browser
    Source: firefox.exe, 00000012.00000002.4054810218.000001E504B0A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd?9X
    Source: firefox.exe, 00000010.00000002.4054976123.0000024345820000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056354782.0000024345BE4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4054810218.000001E504B00000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4055895476.000001E504BF4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4055045280.00000200CB534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4054658181.00000200CB3F0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_RE
    Source: firefox.exe, 00000014.00000002.4054658181.00000200CB3FA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdd
    Source: firefox.exe, 00000010.00000002.4054976123.000002434582A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdg
    Source: firefox.exe, 00000014.00000002.4054658181.00000200CB3F0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdp
    Source: firefox.exe, 00000010.00000002.4054976123.0000024345820000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwds
    Source: firefox.exe, 0000000E.00000003.2316682203.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2449211826.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2470625384.000001EE797CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462830826.000001EE797C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com0
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
    Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
    Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56405 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56401 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
    Source: unknownNetwork traffic detected: HTTP traffic on port 56409 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
    Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56409
    Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56404
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56405
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56407
    Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56400
    Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56401
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56402
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56403
    Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56398 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
    Source: unknownNetwork traffic detected: HTTP traffic on port 56402 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
    Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
    Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56400 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56407 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56399 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49982 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49992 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56403 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
    Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
    Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56396
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56398
    Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56399
    Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56396 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56404 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49786 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:49802 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:49812 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49847 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:49895 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:49896 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:49982 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.193.91:443 -> 192.168.2.6:49984 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49981 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49988 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49990 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:49992 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49989 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56398 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56399 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56403 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56400 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56401 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56402 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56404 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56404 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:56405 version: TLS 1.2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005BEAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_005BEAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005BED6A OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,0_2_005BED6A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005BEAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_005BEAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005AAA57 GetKeyboardState,SetKeyboardState,PostMessageW,SendInput,0_2_005AAA57
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005D9576 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,0_2_005D9576

    System Summary

    barindex
    Binary is likely a compiled AutoIt script file
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.
    Source: random.exe, 00000000.00000000.2206520291.0000000000602000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_056897ea-c
    Source: random.exe, 00000000.00000000.2206520291.0000000000602000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_5c7052e6-5
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.memstr_0d44d91e-b
    Source: random.exeString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_799c4a80-6
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_000001E504BC3877 NtQuerySystemInformation,18_2_000001E504BC3877
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_000001E504BE5672 NtQuerySystemInformation,18_2_000001E504BE5672
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005AD5EB: CreateFileW,DeviceIoControl,CloseHandle,0_2_005AD5EB
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A1201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_005A1201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005AE8F6 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,0_2_005AE8F6
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0054BF400_2_0054BF40
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B20460_2_005B2046
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005480600_2_00548060
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A82980_2_005A8298
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057E4FF0_2_0057E4FF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057676B0_2_0057676B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005D48730_2_005D4873
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0054CAF00_2_0054CAF0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0056CAA00_2_0056CAA0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0055CC390_2_0055CC39
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00576DD90_2_00576DD9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0055B1190_2_0055B119
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005491C00_2_005491C0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005613940_2_00561394
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0056781B0_2_0056781B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0055997D0_2_0055997D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005479200_2_00547920
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00567A4A0_2_00567A4A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00567CA70_2_00567CA7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005CBE440_2_005CBE44
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00579EEE0_2_00579EEE
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_000001E504BC387718_2_000001E504BC3877
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_000001E504BE567218_2_000001E504BE5672
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_000001E504BE5D9C18_2_000001E504BE5D9C
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_000001E504BE56B218_2_000001E504BE56B2
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00549CB3 appears 31 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00560A30 appears 46 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 0055F9F2 appears 40 times
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: classification engineClassification label: mal76.troj.evad.winEXE@34/38@74/14
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B37B5 GetLastError,FormatMessageW,0_2_005B37B5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A10BF AdjustTokenPrivileges,CloseHandle,0_2_005A10BF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A16C3 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,0_2_005A16C3
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B51CD SetErrorMode,GetDiskFreeSpaceExW,SetErrorMode,0_2_005B51CD
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005AD4DC CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,0_2_005AD4DC
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B648E _wcslen,CoInitialize,CoCreateInstance,CoUninitialize,0_2_005B648E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005442A2 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,0_2_005442A2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246Jump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4828:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6008:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1968:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2268:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3052:120:WilError_03
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
    Source: random.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
    Source: C:\Users\user\Desktop\random.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: firefox.exe, 0000000E.00000003.2493247868.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
    Source: firefox.exe, 0000000E.00000003.2493247868.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
    Source: firefox.exe, 0000000E.00000003.2493247868.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
    Source: firefox.exe, 0000000E.00000003.2493247868.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
    Source: firefox.exe, 0000000E.00000003.2438402118.000001EE7D196000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2378397958.000001EE7D196000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;
    Source: firefox.exe, 0000000E.00000003.2493247868.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
    Source: firefox.exe, 0000000E.00000003.2493247868.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
    Source: firefox.exe, 0000000E.00000003.2493247868.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
    Source: firefox.exe, 0000000E.00000003.2493247868.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
    Source: firefox.exe, 0000000E.00000003.2493247868.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2439329306.000001EE7D07B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
    Source: random.exeReversingLabs: Detection: 29%
    Source: random.exeVirustotal: Detection: 30%
    Source: unknownProcess created: C:\Users\user\Desktop\random.exe "C:\Users\user\Desktop\random.exe"
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2220 -prefMapHandle 2212 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c9fbe32b-4c03-4d39-93db-854142882339} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee61071110 socket
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4116 -parentBuildID 20230927232528 -prefsHandle 3996 -prefMapHandle 4000 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {98ef1f0c-9b53-4068-86ae-42f53ec98957} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee71479110 rdd
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4456 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 4472 -prefMapHandle 4564 -prefsLen 33076 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {127eaadf-f0b2-40e6-aa1b-0559c96af4d0} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee79169d10 utility
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2220 -prefMapHandle 2212 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c9fbe32b-4c03-4d39-93db-854142882339} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee61071110 socketJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4116 -parentBuildID 20230927232528 -prefsHandle 3996 -prefMapHandle 4000 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {98ef1f0c-9b53-4068-86ae-42f53ec98957} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee71479110 rddJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4456 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 4472 -prefMapHandle 4564 -prefsLen 33076 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {127eaadf-f0b2-40e6-aa1b-0559c96af4d0} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee79169d10 utilityJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wsock32.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: version.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wininet.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: Binary string: webauthn.pdb source: firefox.exe, 0000000E.00000003.2385012290.000001EE75156000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000E.00000003.2399600054.000001EE6E9A3000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: ktmw32.pdb source: firefox.exe, 0000000E.00000003.2391825603.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2393829428.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2392776545.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000E.00000003.2399600054.000001EE6E9A3000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: npmproxy.pdbUGP source: firefox.exe, 0000000E.00000003.2400880018.000001EE6E9A3000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000E.00000003.2397348606.000001EE75101000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000E.00000003.2385012290.000001EE75156000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: npmproxy.pdb source: firefox.exe, 0000000E.00000003.2400880018.000001EE6E9A3000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: ktmw32.pdbGCTL source: firefox.exe, 0000000E.00000003.2391825603.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2393829428.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2392776545.000001EE6E98C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000E.00000003.2397348606.000001EE75101000.00000004.00000020.00020000.00000000.sdmp
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005442DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005442DE
    Source: gmpopenh264.dll.tmp.14.drStatic PE information: section name: .rodata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00560A76 push ecx; ret 0_2_00560A89
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)Jump to dropped file
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpJump to dropped file
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0055F98E GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,0_2_0055F98E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005D1C41 IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,0_2_005D1C41
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

    Malware Analysis System Evasion

    barindex
    Found API chain indicative of sandbox detection
    Source: C:\Users\user\Desktop\random.exeSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_0-95153
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_000001E504BC3877 rdtsc 18_2_000001E504BC3877
    Source: C:\Users\user\Desktop\random.exeAPI coverage: 3.8 %
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005ADBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_005ADBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057C2A2 FindFirstFileExW,0_2_0057C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B68EE FindFirstFileW,FindClose,0_2_005B68EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_005B698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005AD076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_005AD076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005AD3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_005AD3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B9642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_005B9642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_005B979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B9B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_005B9B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B5C97 FindFirstFileW,FindNextFileW,FindClose,0_2_005B5C97
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005442DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005442DE
    Source: firefox.exe, 00000010.00000002.4060139559.0000024345E00000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW<
    Source: firefox.exe, 00000012.00000002.4054810218.000001E504B0A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWp]&
    Source: firefox.exe, 00000012.00000002.4058967728.000001E505260000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllYHV
    Source: firefox.exe, 00000010.00000002.4054976123.000002434582A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWp
    Source: random.exe, 00000000.00000003.2290385686.0000000000F7D000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2291246325.0000000000FBB000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2290278643.0000000000F73000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2290922013.0000000000F82000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4054658181.00000200CB3FA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4058545002.00000200CB814000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: firefox.exe, 00000010.00000002.4059695655.0000024345D1E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
    Source: firefox.exe, 00000012.00000002.4058967728.000001E505260000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll!^
    Source: firefox.exe, 00000012.00000002.4058967728.000001E505260000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW2U)
    Source: firefox.exe, 00000012.00000002.4058967728.000001E505260000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll,H
    Source: random.exe, 00000000.00000002.2295098388.0000000000F97000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2290385686.0000000000F7D000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2292654557.0000000000F90000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2290278643.0000000000F73000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2290922013.0000000000F82000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW!
    Source: firefox.exe, 00000012.00000002.4058967728.000001E505260000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll B
    Source: firefox.exe, 00000010.00000002.4060139559.0000024345E00000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: C:\Users\user\Desktop\random.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_000001E504BC3877 rdtsc 18_2_000001E504BC3877
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005BEAA2 BlockInput,0_2_005BEAA2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00572622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00572622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005442DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005442DE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00564CE8 mov eax, dword ptr fs:[00000030h]0_2_00564CE8
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A0B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_005A0B62
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00572622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00572622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0056083F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_0056083F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005609D5 SetUnhandledExceptionFilter,0_2_005609D5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00560C21 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00560C21
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A1201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_005A1201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00582BA5 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,0_2_00582BA5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005AB226 SendInput,keybd_event,0_2_005AB226
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C22DA GetForegroundWindow,GetDesktopWindow,GetWindowRect,mouse_event,GetCursorPos,mouse_event,0_2_005C22DA
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A0B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_005A0B62
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A1663 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,0_2_005A1663
    Source: random.exeBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
    Source: random.exeBinary or memory string: Shell_TrayWnd
    Source: firefox.exe, 0000000E.00000003.2392547860.000001EE75156000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: hSoftware\Policies\Microsoft\Windows\PersonalizationNoChangingStartMenuBackgroundPersonalColors_BackgroundWilStaging_02RtlDisownModuleHeapAllocationRtlQueryFeatureConfigurationRtlRegisterFeatureConfigurationChangeNotificationRtlSubscribeWnfStateChangeNotificationRtlDllShutdownInProgressntdll.dllNtQueryWnfStateDataLocal\SM0:%d:%d:%hs_p0Local\SessionImmersiveColorPreferenceBEGINTHMthmfile\Sessions\%d\Windows\ThemeSectionMessageWindowendthemewndThemeApiConnectionRequest\ThemeApiPortwinsta0SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\PersonalizeAppsUseLightThemeSystemUsesLightThemedefaultshell\themes\uxtheme\render.cppCompositedWindow::WindowdeletedrcacheMDIClientSoftware\Microsoft\Windows\DWMColorPrevalenceSoftware\Microsoft\Windows\CurrentVersion\ImmersiveShellTabletModeMENUAccentColorSoftware\Microsoft\Windows\CurrentVersion\Explorer\AccentDefaultStartColorControl Panel\DesktopAutoColorizationAccentColorMenuStartColorMenuAutoColorSoftware\Microsoft\Windows\CurrentVersion\Themes\History\ColorsSoftware\Microsoft\Windows\CurrentVersion\Themes\HistoryAccentPaletteTab$Shell_TrayWndLocal\SessionImmersiveColorMutex
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00560698 cpuid 0_2_00560698
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0059D21C GetLocalTime,0_2_0059D21C
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0059D27A GetUserNameW,0_2_0059D27A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057B952 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_0057B952
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005442DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005442DE

    Stealing of Sensitive Information

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 2432, type: MEMORYSTR
    Source: random.exeBinary or memory string: WIN_81
    Source: random.exeBinary or memory string: WIN_XP
    Source: random.exeBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
    Source: random.exeBinary or memory string: WIN_XPe
    Source: random.exeBinary or memory string: WIN_VISTA
    Source: random.exeBinary or memory string: WIN_7
    Source: random.exeBinary or memory string: WIN_8

    Remote Access Functionality

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 2432, type: MEMORYSTR
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C1204 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,0_2_005C1204
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C1806 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,0_2_005C1806

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire Infrastructure2
    Valid Accounts    		1
    Windows Management Instrumentation    		1
    DLL Side-Loading    		1
    Exploitation for Privilege Escalation    		2
    Disable or Modify Tools    		21
    Input Capture    		2
    System Time Discovery    		Remote Services1
    Archive Collected Data    		3
    Ingress Tool Transfer    		Exfiltration Over Other Network Medium1
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts1
    Native API    		2
    Valid Accounts    		1
    DLL Side-Loading    		1
    Deobfuscate/Decode Files or Information    		LSASS Memory1
    Account Discovery    		Remote Desktop Protocol21
    Input Capture    		12
    Encrypted Channel    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
    Extra Window Memory Injection    		2
    Obfuscated Files or Information    		Security Account Manager2
    File and Directory Discovery    		SMB/Windows Admin Shares3
    Clipboard Data    		3
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
    Valid Accounts    		1
    DLL Side-Loading    		NTDS16
    System Information Discovery    		Distributed Component Object ModelInput Capture4
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script21
    Access Token Manipulation    		1
    Extra Window Memory Injection    		LSA Secrets131
    Security Software Discovery    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts2
    Process Injection    		1
    Masquerading    		Cached Domain Credentials1
    Virtualization/Sandbox Evasion    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items2
    Valid Accounts    		DCSync3
    Process Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
    Virtualization/Sandbox Evasion    		Proc Filesystem1
    Application Window Discovery    		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
    Access Token Manipulation    		/etc/passwd and /etc/shadow1
    System Owner/User Discovery    		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
    IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron2
    Process Injection    		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1615904 Sample: random.exe Startdate: 15/02/2025 Architecture: WINDOWS Score: 76 45 youtube.com 2->45 47 youtube-ui.l.google.com 2->47 49 38 other IPs or domains 2->49 57 Antivirus / Scanner detection for submitted sample 2->57 59 Multi AV Scanner detection for submitted file 2->59 61 Yara detected Credential Flusher 2->61 63 2 other signatures 2->63 8 random.exe 2->8         started        11 firefox.exe 1 2->11         started        signatures3 process4 signatures5 65 Binary is likely a compiled AutoIt script file 8->65 67 Found API chain indicative of sandbox detection 8->67 13 taskkill.exe 1 8->13         started        15 taskkill.exe 1 8->15         started        17 taskkill.exe 1 8->17         started        23 3 other processes 8->23 19 firefox.exe 3 214 11->19         started        process6 dnsIp7 25 conhost.exe 13->25         started        27 conhost.exe 15->27         started        29 conhost.exe 17->29         started        51 youtube.com 172.217.18.14, 443, 49778, 49779 GOOGLEUS United States 19->51 53 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49780, 49803, 49804 GOOGLEUS United States 19->53 55 12 other IPs or domains 19->55 41 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32+ 19->41 dropped 43 C:\Users\user\...\gmpopenh264.dll (copy), PE32+ 19->43 dropped 31 firefox.exe 1 19->31         started        33 firefox.exe 1 19->33         started        35 firefox.exe 1 19->35         started        37 conhost.exe 23->37         started        39 conhost.exe 23->39         started        file8 process9

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    random.exe30%ReversingLabsWin32.Trojan.Generic
    random.exe31%VirustotalBrowse
    random.exe100%AviraTR/ATRAPS.Gen

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%ReversingLabs

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://youtube.com00%Avira URL Cloudsafe
    http://detectportal.firefox.comP0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    example.org
    		23.215.0.132
    		truefalse
      		high
      star-mini.c10r.facebook.com
      		157.240.252.35
      		truefalse
        		high
        prod.classify-client.prod.webservices.mozgcp.net
        		35.190.72.216
        		truefalse
          		high
          prod.balrog.prod.cloudops.mozgcp.net
          		35.244.181.201
          		truefalse
            		high
            twitter.com
            		104.244.42.193
            		truefalse
              		high
              prod.detectportal.prod.cloudops.mozgcp.net
              		34.107.221.82
              		truefalse
                		high
                shavar.prod.mozaws.net
                		34.209.7.244
                		truefalse
                  		high
                  services.addons.mozilla.org
                  		151.101.193.91
                  		truefalse
                    		high
                    s-part-0017.t-0009.t-msedge.net
                    		13.107.246.45
                    		truefalse
                      		high
                      dyna.wikimedia.org
                      		185.15.59.224
                      		truefalse
                        		high
                        prod.remote-settings.prod.webservices.mozgcp.net
                        		34.149.100.209
                        		truefalse
                          		high
                          contile.services.mozilla.com
                          		34.117.188.166
                          		truefalse
                            		high
                            youtube.com
                            		172.217.18.14
                            		truefalse
                              		high
                              prod.content-signature-chains.prod.webservices.mozgcp.net
                              		34.160.144.191
                              		truefalse
                                		high
                                a19.dscg10.akamai.net
                                		2.22.61.56
                                		truefalse
                                  		high
                                  youtube-ui.l.google.com
                                  		172.217.16.206
                                  		truefalse
                                    		high
                                    us-west1.prod.sumo.prod.webservices.mozgcp.net
                                    		34.149.128.2
                                    		truefalse
                                      		high
                                      reddit.map.fastly.net
                                      		151.101.193.140
                                      		truefalse
                                        		high
                                        ipv4only.arpa
                                        		192.0.0.170
                                        		truefalse
                                          		high
                                          prod.ads.prod.webservices.mozgcp.net
                                          		34.117.188.166
                                          		truefalse
                                            		high
                                            push.services.mozilla.com
                                            		34.107.243.93
                                            		truefalse
                                              		high
                                              normandy.tombstone.experimenter.prod.webservices.mozgcp.net
                                              		34.49.51.44
                                              		truefalse
                                                		high
                                                telemetry-incoming.r53-2.services.mozilla.com
                                                		34.120.208.123
                                                		truefalse
                                                  		high
                                                  www.reddit.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    spocs.getpocket.com
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      content-signature-2.cdn.mozilla.net
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        support.mozilla.org
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          firefox.settings.services.mozilla.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            www.youtube.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              www.facebook.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                detectportal.firefox.com
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  normandy.cdn.mozilla.net
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    shavar.services.mozilla.com
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high
                                                                      www.wikipedia.org
                                                                      		unknown
                                                                      		unknownfalse
                                                                        		high

                                                                        URLs from Memory and Binaries

                                                                        NameSourceMaliciousAntivirus DetectionReputation
                                                                        https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                          		high
                                                                          https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 00000014.00000002.4056160514.00000200CB7C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            http://detectportal.firefox.com/firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                		high
                                                                                https://datastudio.google.com/embed/reporting/firefox.exe, 0000000E.00000003.2460006844.000001EE736AF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://www.mozilla.com0gmpopenh264.dll.tmp.14.drfalse
                                                                                    		high
                                                                                    https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecyclfirefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 00000012.00000002.4056352239.000001E504D86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB78F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://www.leboncoin.fr/firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://spocs.getpocket.com/spocsfirefox.exe, 0000000E.00000003.2464318248.000001EE79204000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2499801184.000001EE738C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2295077018.000001EE738C2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://shavar.services.mozilla.comfirefox.exe, 0000000E.00000003.2382031130.000001EE79675000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://completion.amazon.com/search/complete?q=firefox.exe, 0000000E.00000003.2265564993.000001EE70F00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265741112.000001EE6EB0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2266127194.000001EE6EB52000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000000E.00000003.2496792868.000001EE72487000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2459908255.000001EE736C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE72419000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE724E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2317072156.000001EE73695000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000000E.00000003.2439329306.000001EE7D041000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://monitor.firefox.com/breach-details/firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000000E.00000003.2449211826.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2403023942.000001EE7A32E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  http://mozilla.org/0firefox.exe, 0000000E.00000003.2435616759.000004051C903000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000E.00000003.2265564993.000001EE70F00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265741112.000001EE6EB0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-deffirefox.exe, 0000000E.00000003.2308477242.000001EE72C3F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://youtube.com/firefox.exe, 0000000E.00000003.2472807911.000001EE747AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451474520.000001EE747AC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://youtube.com0firefox.exe, 0000000E.00000003.2316682203.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2449211826.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2470625384.000001EE797CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462830826.000001EE797C1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                		unknown
                                                                                                                                https://youtube.com/account?=https://acfirefox.exe, 00000014.00000002.4055045280.00000200CB530000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=htfirefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://api.accounts.firefox.com/v1firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://login.lifirefox.exe, 0000000E.00000003.2405054723.000001EE72F8C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYiprefs-1.js.14.drfalse
                                                                                                                                            		high
                                                                                                                                            https://www.amazon.com/firefox.exe, 0000000E.00000003.2451474520.000001EE747AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://www.amazon.com/(firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://www.youtube.com/firefox.exe, 0000000E.00000003.2379830332.000001EE7AB48000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2473278422.000001EE73C4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2458908999.000001EE73C37000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504D0A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB70C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://bugzilla.mozilla.org/show_bug.cgi?id=1283601firefox.exe, 0000000E.00000003.2363796106.000001EE72A20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://MD8.mozilla.org/1/mfirefox.exe, 0000000E.00000003.2473682299.000001EE738C0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://www.bbc.co.uk/firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://addons.mozilla.org/firefox/addon/to-google-translate/firefox.exe, 0000000E.00000003.2483360866.000001EE7C7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 00000014.00000002.4056160514.00000200CB7C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  http://127.0.0.1:firefox.exe, 0000000E.00000003.2496357966.000001EE7272E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://bugzilla.mozilla.org/show_bug.cgi?id=1266220firefox.exe, 0000000E.00000003.2362169912.000001EE72A07000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000000E.00000003.2326920435.000001EE732D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2359279168.000001EE732D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2318615169.000001EE732D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2383857337.000001EE732D4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://bugzilla.mofirefox.exe, 0000000E.00000003.2439329306.000001EE7D05A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://mitmdetection.services.mozilla.com/firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            http://detectportal.firefox.comPfirefox.exe, 0000000E.00000003.2458413611.000001EE73CD4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293864107.000001EE73CD4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                            		unknown
                                                                                                                                                                            https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000000E.00000003.2381207211.000001EE7A2A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2496792868.000001EE724E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456670552.000001EE7A2A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2317072156.000001EE73695000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://youtube.com/account?=firefox.exe, 0000000E.00000003.2459623834.000001EE736DC000.00000004.00000800.00020000.00000000.sdmp, recovery.jsonlz4.tmp.14.drfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://shavar.services.mozilla.com/firefox.exe, 0000000E.00000003.2470927765.000001EE79675000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://spocs.getpocket.com/firefox.exe, 0000000E.00000003.2464318248.000001EE79204000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74B1A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301327449.000001EE7AB75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.4056352239.000001E504D12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000014.00000002.4056160514.00000200CB713000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://www.iqiyi.com/firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://support.mozilla.org/products/firefoxgro.allizom.troppus.places.sqlite-wal.14.drfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    http://a9.com/-/spec/opensearch/1.0/firefox.exe, 0000000E.00000003.2463348557.000001EE793CA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://monitor.firefox.com/user/dashboardfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://monitor.firefox.com/aboutfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              http://mozilla.org/MPL/2.0/.firefox.exe, 0000000E.00000003.2357228520.000001EE74DB4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2432101297.000001EE7167A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2441972096.000001EE7319E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2441721673.000001EE73212000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2383857337.000001EE732E0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2384187293.000001EE73256000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2392875478.000001EE6E7D2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2404540226.000001EE72FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2403928138.000001EE7311B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2271402982.000001EE6E7DF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2432101297.000001EE71668000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2423384120.000001EE73259000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2485090808.000001EE729F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2389534013.000001EE71663000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2450165564.000001EE7924C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2425397499.000001EE7321F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2352357721.000001EE7328B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2454640414.000001EE7165D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2500771610.000001EE71EA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2405054723.000001EE72F7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2442515255.000001EE73293000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://www.openh264.org/firefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  http://youtube.com/firefox.exe, 0000000E.00000003.2316682203.000001EE797E1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://coverage.mozilla.orgfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      http://crl.thawte.com/ThawteTimestampingCA.crl0gmpopenh264.dll.tmp.14.drfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        http://x1.c.lencr.org/0firefox.exe, 0000000E.00000003.2382440806.000001EE792AD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          http://x1.i.lencr.org/0firefox.exe, 0000000E.00000003.2382440806.000001EE792AD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            http://a9.com/-/spec/opensearch/1.1/firefox.exe, 0000000E.00000003.2463348557.000001EE793CA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://infra.spec.whatwg.org/#ascii-whitespacefirefox.exe, 0000000E.00000003.2288543144.000001EE79423000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                https://blocked.cdn.mozilla.net/firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnoredfirefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://json-schema.org/draft/2019-09/schemafirefox.exe, 0000000E.00000003.2316682203.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2470625384.000001EE797C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2449211826.000001EE797B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302450826.000001EE797C0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2462830826.000001EE797C1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      http://developer.mozilla.org/en/docs/DOM:element.addEventListenerfirefox.exe, 0000000E.00000003.2496792868.000001EE724AD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://duckduckgo.com/?t=ffab&q=firefox.exe, 0000000E.00000003.2382543008.000001EE79288000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://profiler.firefox.comfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://identity.mozilla.com/apps/relayfirefox.exe, 0000000E.00000003.2484166207.000001EE7AA42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2380620120.000001EE7AA3E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://mozilla.cloudflare-dns.com/dns-queryfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2firefox.exe, 0000000E.00000003.2451474520.000001EE74773000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  https://bugzilla.mozilla.org/show_bug.cgi?id=1678448firefox.exe, 0000000E.00000003.2363796106.000001EE72A20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362169912.000001EE72A11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362996583.000001EE72A1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363134554.000001EE72A11000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    http://mozilla.org/Zyslfirefox.exe, 0000000E.00000003.2435616759.000004051C903000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                      https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/firefox.exe, 0000000E.00000003.2483360866.000001EE7C7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2379610914.000001EE7C77D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                        https://contile.services.mozilla.com/v1/tilesfirefox.exe, 0000000E.00000003.2473649352.000001EE738CF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                          https://www.amazon.co.uk/firefox.exe, 0000000E.00000003.2301670018.000001EE7AB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2456540245.000001EE7AB2B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                            https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/firefox.exe, 0000000E.00000003.2468421001.000001EE7D14C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                                              https://monitor.firefox.com/user/preferencesfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                                https://screenshots.firefox.com/firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                                  https://www.google.com/searchfirefox.exe, 0000000E.00000003.2475067911.000001EE73625000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265564993.000001EE70F00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265741112.000001EE6EB0F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265921114.000001EE6EB31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2424654007.000001EE7A32E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2266127194.000001EE6EB52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2403023942.000001EE7A32E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                                    https://relay.firefox.com/api/v1/firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                                      https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-reportfirefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                                        https://topsites.services.mozilla.com/cid/firefox.exe, 00000010.00000002.4056158820.0000024345B00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.4055087733.000001E504B40000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000014.00000002.4055672507.00000200CB570000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                                          https://www.wykop.pl/firefox.exe, 0000000E.00000003.2472245727.000001EE74BC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2451245011.000001EE74BC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                            		high

                                                                                                                                                                                                                                                                            World Map of Contacted IPs

                                                                                                                                                                                                                                                                            • No. of IPs < 25%
                                                                                                                                                                                                                                                                            • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                            • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                            • 75% < No. of IPs

                                                                                                                                                                                                                                                                            Public IPs

                                                                                                                                                                                                                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                            34.209.7.244
                                                                                                                                                                                                                                                                            		shavar.prod.mozaws.netUnited States
                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                            172.217.18.14
                                                                                                                                                                                                                                                                            		youtube.comUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            2.22.61.56
                                                                                                                                                                                                                                                                            		a19.dscg10.akamai.netEuropean Union
                                                                                                                                                                                                                                                                            		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                            34.149.100.209
                                                                                                                                                                                                                                                                            		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                            34.107.243.93
                                                                                                                                                                                                                                                                            		push.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            34.107.221.82
                                                                                                                                                                                                                                                                            		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            35.244.181.201
                                                                                                                                                                                                                                                                            		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            34.49.51.44
                                                                                                                                                                                                                                                                            		normandy.tombstone.experimenter.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                            34.117.188.166
                                                                                                                                                                                                                                                                            		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                            		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                                            151.101.193.91
                                                                                                                                                                                                                                                                            		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                                                                            		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                            35.190.72.216
                                                                                                                                                                                                                                                                            		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            34.160.144.191
                                                                                                                                                                                                                                                                            		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                            34.120.208.123
                                                                                                                                                                                                                                                                            		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                                            Private

                                                                                                                                                                                                                                                                            IP
                                                                                                                                                                                                                                                                            127.0.0.1

                                                                                                                                                                                                                                                                            General Information

                                                                                                                                                                                                                                                                            Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                                            Analysis ID:1615904
                                                                                                                                                                                                                                                                            Start date and time:2025-02-15 17:36:57 +01:00
                                                                                                                                                                                                                                                                            Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                            Overall analysis duration:0h 7m 39s
                                                                                                                                                                                                                                                                            Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                            Report type:full
                                                                                                                                                                                                                                                                            Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                            Run name:Run with higher sleep bypass
                                                                                                                                                                                                                                                                            Number of analysed new started processes analysed:22
                                                                                                                                                                                                                                                                            Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                            Number of existing processes analysed:0
                                                                                                                                                                                                                                                                            Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                            Number of injected processes analysed:0
                                                                                                                                                                                                                                                                            Technologies:
                                                                                                                                                                                                                                                                            • HCA enabled
                                                                                                                                                                                                                                                                            • EGA enabled
                                                                                                                                                                                                                                                                            • AMSI enabled
                                                                                                                                                                                                                                                                            Analysis Mode:default
                                                                                                                                                                                                                                                                            Analysis stop reason:Timeout
                                                                                                                                                                                                                                                                            Sample name:random.exe
                                                                                                                                                                                                                                                                            Detection:MAL
                                                                                                                                                                                                                                                                            Classification:mal76.troj.evad.winEXE@34/38@74/14
                                                                                                                                                                                                                                                                            EGA Information:
                                                                                                                                                                                                                                                                            • Successful, ratio: 50%
                                                                                                                                                                                                                                                                            HCA Information:
                                                                                                                                                                                                                                                                            • Successful, ratio: 96%
                                                                                                                                                                                                                                                                            • Number of executed functions: 51
                                                                                                                                                                                                                                                                            • Number of non-executed functions: 290
                                                                                                                                                                                                                                                                            Cookbook Comments:
                                                                                                                                                                                                                                                                            • Found application associated with file extension: .exe
                                                                                                                                                                                                                                                                            • Sleeps bigger than 100000000ms are automatically reduced to 1000ms
                                                                                                                                                                                                                                                                            • Sleep loops longer than 100000000ms are bypassed. Single calls with delay of 100000000ms and higher are ignored

                                                                                                                                                                                                                                                                            Warnings

                                                                                                                                                                                                                                                                            • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                                                                                            • Excluded IPs from analysis (whitelisted): 142.250.80.78, 142.250.184.202, 216.58.206.42, 142.250.186.46, 142.250.185.142, 13.107.246.45, 2.18.97.153, 52.149.20.212
                                                                                                                                                                                                                                                                            • Excluded domains from analysis (whitelisted): client.wns.windows.com, fs.microsoft.com, ciscobinary.openh264.org, slscr.update.microsoft.com, otelrules.azureedge.net, otelrules.afd.azureedge.net, 7.4.8.4.4.3.1.4.0.0.0.0.0.0.0.0.0.0.0.a.0.0.1.f.1.1.1.0.1.0.a.2.ip6.arpa, incoming.telemetry.mozilla.org, ctldl.windowsupdate.com, aus5.mozilla.org, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, redirector.gvt1.com, azureedge-t-prod.trafficmanager.net, safebrowsing.googleapis.com, location.services.mozilla.com
                                                                                                                                                                                                                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                            • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                                            • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                            • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                                            Simulations

                                                                                                                                                                                                                                                                            Behavior and APIs

                                                                                                                                                                                                                                                                            No simulations

                                                                                                                                                                                                                                                                            Joe Sandbox View / Context

                                                                                                                                                                                                                                                                            IPs

                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                            34.49.51.44random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                          4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                              2.22.61.56random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                                              34.149.100.209https://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                  https://storage.googleapis.com/yasinsoulaiman00200102055/yasinsoulaiman00200102055.html#4Laxsc88075pMVT611lryovfdyzn369QPMJEJMGSLMNNGI223458FFVC3610M25Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                        https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                          px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                                Domains

                                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                example.orghttps://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 23.215.0.132
                                                                                                                                                                                                                                                                                                                Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 23.215.0.133
                                                                                                                                                                                                                                                                                                                https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                • 96.7.128.186
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 96.7.128.192
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 23.215.0.132
                                                                                                                                                                                                                                                                                                                https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 23.215.0.132
                                                                                                                                                                                                                                                                                                                YWih6T9PUp.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                • 23.215.0.133
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 23.215.0.132
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 96.7.128.186
                                                                                                                                                                                                                                                                                                                shavar.prod.mozaws.nethttps://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 34.208.172.229
                                                                                                                                                                                                                                                                                                                Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 34.208.172.229
                                                                                                                                                                                                                                                                                                                https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                • 52.35.152.253
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 52.35.181.117
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 34.208.172.229
                                                                                                                                                                                                                                                                                                                https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 52.35.181.117
                                                                                                                                                                                                                                                                                                                YWih6T9PUp.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                • 52.35.181.117
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 52.35.152.253
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 52.35.152.253
                                                                                                                                                                                                                                                                                                                twitter.comhttps://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 104.244.42.65
                                                                                                                                                                                                                                                                                                                Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 104.244.42.129
                                                                                                                                                                                                                                                                                                                https://storage.googleapis.com/yasinsoulaiman00200102055/yasinsoulaiman00200102055.html#4Laxsc88075pMVT611lryovfdyzn369QPMJEJMGSLMNNGI223458FFVC3610M25Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 104.244.42.129
                                                                                                                                                                                                                                                                                                                star-mini.c10r.facebook.comhttps://we324msnbi.pages.dev/Xfi_files/prism-ui.esm-53da3fe.jsGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 157.240.252.35
                                                                                                                                                                                                                                                                                                                https://we324msnbi.pages.dev/assets/favicons/default/site.webmanifestGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 157.240.252.35
                                                                                                                                                                                                                                                                                                                http://avaliadordemarcas.net.br/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 157.240.0.35
                                                                                                                                                                                                                                                                                                                https://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 157.240.252.35
                                                                                                                                                                                                                                                                                                                Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 157.240.252.35
                                                                                                                                                                                                                                                                                                                https://storage.googleapis.com/yasinsoulaiman00200102055/yasinsoulaiman00200102055.html#4Laxsc88075pMVT611lryovfdyzn369QPMJEJMGSLMNNGI223458FFVC3610M25Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 157.240.0.35
                                                                                                                                                                                                                                                                                                                https://notifications.google.com/g/p/ANiao5qKfpKGd2jYVQDb7vORoVGY96M_apQZWQcfuLgUh0GZyBJANTtYK9_noZQ1711qN-Nnm0DMf_B0c07RxsIpTsLOXIG6nNUkP7-522wWZZkizIeUQoaYMxfvubAPN7K6vgKfJCjpF3Y3VSFZPtNm5n34HM86QMFnOVYHFycjRojvprEeSViyQqV_RbPVd9Nh3y1jQx8FWiMJd_UXkRWlNs4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 157.240.251.35
                                                                                                                                                                                                                                                                                                                http://hookersbaits.co.ukGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 157.240.253.35
                                                                                                                                                                                                                                                                                                                http://hrworld.orgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 157.240.251.35

                                                                                                                                                                                                                                                                                                                ASNs

                                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                AMAZON-02USna.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                • 54.171.230.55
                                                                                                                                                                                                                                                                                                                na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                • 54.171.230.55
                                                                                                                                                                                                                                                                                                                arm6.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 54.171.230.55
                                                                                                                                                                                                                                                                                                                pdf946946.msiGet hashmaliciousAteraAgentBrowse
                                                                                                                                                                                                                                                                                                                • 35.157.63.229
                                                                                                                                                                                                                                                                                                                efjepc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 54.171.230.55
                                                                                                                                                                                                                                                                                                                main_ppc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                • 54.171.230.55
                                                                                                                                                                                                                                                                                                                CUD--Quotation list.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                • 13.248.169.48
                                                                                                                                                                                                                                                                                                                telnet.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 44.241.44.184
                                                                                                                                                                                                                                                                                                                telnet.sh4.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 52.52.139.161
                                                                                                                                                                                                                                                                                                                AKAMAI-ASN1EUGasTechnologyPartnership.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 95.101.182.112
                                                                                                                                                                                                                                                                                                                arm4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                • 88.221.149.135
                                                                                                                                                                                                                                                                                                                arm5.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                • 95.100.100.163
                                                                                                                                                                                                                                                                                                                x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                • 88.221.95.65
                                                                                                                                                                                                                                                                                                                https://cle.soundestlink.com/ce/c/67af4e08a90b85f6c51e3649/67af4e37c622ca8b13b0643e/67af4e500930257798ab6691?signature=6622e2772a21e189f04bbff6dbd8020cb3c1977d0aa04e3285c329f387017382Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 95.101.182.65
                                                                                                                                                                                                                                                                                                                https://blovkdappfixkk.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 2.22.242.136
                                                                                                                                                                                                                                                                                                                https://reprogrammer.livraison.3-75-178-102.cprapid.com/dpd/update.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 2.22.242.130
                                                                                                                                                                                                                                                                                                                http://gaer.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 2.21.65.135
                                                                                                                                                                                                                                                                                                                http://ctakkponmndiri.siitusressmi.web.id/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 23.213.161.219
                                                                                                                                                                                                                                                                                                                ATGS-MMD-ASUStelnet.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 48.72.1.111
                                                                                                                                                                                                                                                                                                                telnet.spc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 34.179.18.251
                                                                                                                                                                                                                                                                                                                telnet.ppc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 32.168.123.169
                                                                                                                                                                                                                                                                                                                res.spc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 33.118.35.157
                                                                                                                                                                                                                                                                                                                res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 32.59.106.150
                                                                                                                                                                                                                                                                                                                https://blovkdappfixkk.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 34.149.94.206
                                                                                                                                                                                                                                                                                                                https://reprogrammer.livraison.3-75-178-102.cprapid.com/dpd/update.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 57.129.39.243
                                                                                                                                                                                                                                                                                                                https://junoupdatesecurity.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 57.129.39.243
                                                                                                                                                                                                                                                                                                                res.arm5.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 51.35.40.188
                                                                                                                                                                                                                                                                                                                ATGS-MMD-ASUStelnet.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 48.72.1.111
                                                                                                                                                                                                                                                                                                                telnet.spc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 34.179.18.251
                                                                                                                                                                                                                                                                                                                telnet.ppc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 32.168.123.169
                                                                                                                                                                                                                                                                                                                res.spc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 33.118.35.157
                                                                                                                                                                                                                                                                                                                res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 32.59.106.150
                                                                                                                                                                                                                                                                                                                https://blovkdappfixkk.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 34.149.94.206
                                                                                                                                                                                                                                                                                                                https://reprogrammer.livraison.3-75-178-102.cprapid.com/dpd/update.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 57.129.39.243
                                                                                                                                                                                                                                                                                                                https://junoupdatesecurity.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                • 57.129.39.243
                                                                                                                                                                                                                                                                                                                res.arm5.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                • 51.35.40.188

                                                                                                                                                                                                                                                                                                                JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                fb0aa01abe9d8e4037eb3473ca6e2dcarandom.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 151.101.193.91
                                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 151.101.193.91
                                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 151.101.193.91
                                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 151.101.193.91
                                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 151.101.193.91
                                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 151.101.193.91
                                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 151.101.193.91
                                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                • 151.101.193.91
                                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                • 151.101.193.91
                                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                                • 34.120.208.123

                                                                                                                                                                                                                                                                                                                Dropped Files

                                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                      px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                              4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmphttps://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                        px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                                                                    Created / dropped Files

                                                                                                                                                                                                                                                                                                                                                    C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_08642342-5486-44eb-bd21-1fa03f6f0ef5.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):7946
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.175983223495298
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:192:sBMX51utbhbVbTbfbRbObtbyEl7n0NKJA6unSrDtTkdxSofim:siWtNhnzFSJUNZ1nSrDhkdx+m
                                                                                                                                                                                                                                                                                                                                                    MD5:86CE58CE94E8D534FE129CA4C6D19FAA
                                                                                                                                                                                                                                                                                                                                                    SHA1:4BB248437051DE29EF3E92529662E3669E2E80D8
                                                                                                                                                                                                                                                                                                                                                    SHA-256:9AC3EEB58589B68E42DD61D5DB0987E05458EBCC4F5FF32F599175ECF4EA9AAA
                                                                                                                                                                                                                                                                                                                                                    SHA-512:77CAD5B9FAC34217CDFAA2B3FBD7394EA91BA38AC3F4DD74C740F51F9B366070C8659E81F493C719D69D67A8FEDCB6C48248682951B34D52F98D1384503DEAB1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"type":"uninstall","id":"08642342-5486-44eb-bd21-1fa03f6f0ef5","creationDate":"2025-02-15T18:20:19.530Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"7340e351-fad3-4a0f-b554-971fbfafe8fb","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                                    C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_08642342-5486-44eb-bd21-1fa03f6f0ef5.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):7946
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.175983223495298
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:192:sBMX51utbhbVbTbfbRbObtbyEl7n0NKJA6unSrDtTkdxSofim:siWtNhnzFSJUNZ1nSrDhkdx+m
                                                                                                                                                                                                                                                                                                                                                    MD5:86CE58CE94E8D534FE129CA4C6D19FAA
                                                                                                                                                                                                                                                                                                                                                    SHA1:4BB248437051DE29EF3E92529662E3669E2E80D8
                                                                                                                                                                                                                                                                                                                                                    SHA-256:9AC3EEB58589B68E42DD61D5DB0987E05458EBCC4F5FF32F599175ECF4EA9AAA
                                                                                                                                                                                                                                                                                                                                                    SHA-512:77CAD5B9FAC34217CDFAA2B3FBD7394EA91BA38AC3F4DD74C740F51F9B366070C8659E81F493C719D69D67A8FEDCB6C48248682951B34D52F98D1384503DEAB1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"type":"uninstall","id":"08642342-5486-44eb-bd21-1fa03f6f0ef5","creationDate":"2025-02-15T18:20:19.530Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"7340e351-fad3-4a0f-b554-971fbfafe8fb","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                                                                                    MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                                                                                    SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                                                                                    SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                                                                                    SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\tmpaddon

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):453023
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):7.997718157581587
                                                                                                                                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12288:tESTeqTI2r4ZbCgUKWKNeRcPMb6qlV7hVZe3:tEsed2Xh9/bdzZe3
                                                                                                                                                                                                                                                                                                                                                    MD5:85430BAED3398695717B0263807CF97C
                                                                                                                                                                                                                                                                                                                                                    SHA1:FFFBEE923CEA216F50FCE5D54219A188A5100F41
                                                                                                                                                                                                                                                                                                                                                    SHA-256:A9F4281F82B3579581C389E8583DC9F477C7FD0E20C9DFC91A2E611E21E3407E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:06511F1F6C6D44D076B3C593528C26A602348D9C41689DBF5FF716B671C3CA5756B12CB2E5869F836DEDCE27B1A5CFE79B93C707FD01F8E84B620923BB61B5F1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:PK.........bN...R..........gmpopenh264.dll..|.E.0.=..I.....1....4f1q.`.........q.....'+....h*m{.z..o_.{w........$..($A!...|L...B&A2.s.{..Dd......c.U.U..9u.S...K.l`...../.d.-....|.....&....9......wn..x......i.#O.+.Y.l......+....,3.3f..\..c.SSS,............N...GG...F.'.&.:'.K.Z&.>.@.g..M...M.`...*.........ZR....^jg.G.Kb.o~va.....<Z..1.#.O.e.....D..X..i..$imBW..Q&.......P.....,M.,..:.c...-...\......*.....-i.K.I..4.a..6..*...Ov=...W..F.CH.>...a.'.x...#@f...d..u.1....OV.1o}....g.5.._.3.J.Hi.Z.ipM....b.Z....%.G..F................/..3.q..J.....o...%.g.N.*.}..).3.N%.!..q*........^I.m..~...6.#.~+.....A...I]r...x..*.<IYj....p0..`S.M@.E..f.=.;!.@.....E..E....... .0.n....Jd..d......uM.-.qI.lR..z..=}..r.D.XLZ....x.$..|c.1.cUkM.&.Qn]..a]t.h..*.!.6 7..Jd.DvKJ"Wgd*%n...w...Jni.inmr.@M.$'Z.s....#)%..Rs..:.h....R....\..t.6..'.g.........Uj+F.cr:|..!..K.W.Y...17......,....r.....>.N..3.R.Y.._\...Ir.DNJdM... .k...&V-....z.%...-...D..i..&...6....7.2T).>..0..%.&.

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\40371339ad31a7e6.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):3.316995205435863
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:QdbGL9UgdwkzSdbGLD6Bdw0AdbGLjadwW1:jsQ
                                                                                                                                                                                                                                                                                                                                                    MD5:CDBE01882EF55A077D35724FF3721605
                                                                                                                                                                                                                                                                                                                                                    SHA1:88C0ECEF70CCF8314ADD591F0BF1E6DDD3E56FC6
                                                                                                                                                                                                                                                                                                                                                    SHA-256:764F4E5229E629C001C2709F85D0D41C4CF7198493996D381F3C72C8547EE1AC
                                                                                                                                                                                                                                                                                                                                                    SHA-512:31DA207873008B5600431D374407D49E6D47D690D8E5FA83C9F2BEA9F972678EE4315CAE6357AFD930B7B64387B94CA8995436003B92699C092A3DAB92913888
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:...................................FL..................F.@.. ...p.......................S...........................P.O. .:i.....+00.../C:\.....................1.....EW.3..PROGRA~1..t......O.IOZ......B...............J.......j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WOZ..............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WOZ................................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z....................C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5G9YKO8EYRTCEKYNETZF.temp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                                                                                    Category:modified
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):3.316995205435863
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:QdbGL9UgdwkzSdbGLD6Bdw0AdbGLjadwW1:jsQ
                                                                                                                                                                                                                                                                                                                                                    MD5:CDBE01882EF55A077D35724FF3721605
                                                                                                                                                                                                                                                                                                                                                    SHA1:88C0ECEF70CCF8314ADD591F0BF1E6DDD3E56FC6
                                                                                                                                                                                                                                                                                                                                                    SHA-256:764F4E5229E629C001C2709F85D0D41C4CF7198493996D381F3C72C8547EE1AC
                                                                                                                                                                                                                                                                                                                                                    SHA-512:31DA207873008B5600431D374407D49E6D47D690D8E5FA83C9F2BEA9F972678EE4315CAE6357AFD930B7B64387B94CA8995436003B92699C092A3DAB92913888
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:...................................FL..................F.@.. ...p.......................S...........................P.O. .:i.....+00.../C:\.....................1.....EW.3..PROGRA~1..t......O.IOZ......B...............J.......j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WOZ..............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WOZ................................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z....................C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):3.316995205435863
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:QdbGL9UgdwkzSdbGLD6Bdw0AdbGLjadwW1:jsQ
                                                                                                                                                                                                                                                                                                                                                    MD5:CDBE01882EF55A077D35724FF3721605
                                                                                                                                                                                                                                                                                                                                                    SHA1:88C0ECEF70CCF8314ADD591F0BF1E6DDD3E56FC6
                                                                                                                                                                                                                                                                                                                                                    SHA-256:764F4E5229E629C001C2709F85D0D41C4CF7198493996D381F3C72C8547EE1AC
                                                                                                                                                                                                                                                                                                                                                    SHA-512:31DA207873008B5600431D374407D49E6D47D690D8E5FA83C9F2BEA9F972678EE4315CAE6357AFD930B7B64387B94CA8995436003B92699C092A3DAB92913888
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:...................................FL..................F.@.. ...p.......................S...........................P.O. .:i.....+00.../C:\.....................1.....EW.3..PROGRA~1..t......O.IOZ......B...............J.......j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WOZ..............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WOZ................................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z....................C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\KAM4ES32A3063RQV4BQ6.temp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):3.316995205435863
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:QdbGL9UgdwkzSdbGLD6Bdw0AdbGLjadwW1:jsQ
                                                                                                                                                                                                                                                                                                                                                    MD5:CDBE01882EF55A077D35724FF3721605
                                                                                                                                                                                                                                                                                                                                                    SHA1:88C0ECEF70CCF8314ADD591F0BF1E6DDD3E56FC6
                                                                                                                                                                                                                                                                                                                                                    SHA-256:764F4E5229E629C001C2709F85D0D41C4CF7198493996D381F3C72C8547EE1AC
                                                                                                                                                                                                                                                                                                                                                    SHA-512:31DA207873008B5600431D374407D49E6D47D690D8E5FA83C9F2BEA9F972678EE4315CAE6357AFD930B7B64387B94CA8995436003B92699C092A3DAB92913888
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:...................................FL..................F.@.. ...p.......................S...........................P.O. .:i.....+00.../C:\.....................1.....EW.3..PROGRA~1..t......O.IOZ......B...............J.......j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WOZ..............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WOZ................................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z....................C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):4419
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.931553379688595
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:96:gXiNFS+OcPUFEOdwNIOdwBjvYVbsLKvIv8P:gXiNFS+OcUGOdwiOdwBjkYLKQv8P
                                                                                                                                                                                                                                                                                                                                                    MD5:D6A04E5D168216BE90B534D758E20442
                                                                                                                                                                                                                                                                                                                                                    SHA1:5D81E3C9FD1D932AC3270B05F0E7EBAD8811ED14
                                                                                                                                                                                                                                                                                                                                                    SHA-256:15BCC8F4C765CACE84A54245A7AFDB987F7E2A1E7D744850EBFA1A0EB4239F2E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:8DE05D35C72A96352352E0DE826AA3B3EF99ECF0BA5C04A2AF29D914059FB84DCAA233617E20E858BDA25DE24EDF888A8D746253E4A744F165EFBC6D7534BE56
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"bookmarks-toolbar-default-on":{"slug":"bookmarks-toolbar-default-on","branch":{"slug":"treatment-a","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"enableBookmarksToolbar":"always"},"enabled":true,"featureId":"bookmarks"}]},"active":true,"enrollmentId":"d48f64a8-a4ab-4cdd-a650-4b386e41a201","experimentType":"nimbus","source":"rs-loader","userFacingName":"Bookmarks Toolbar Default On","userFacingDescription":"An experiment that turns the bookmarks toolbar on by default.","lastSeen":"2023-10-05T06:20:35.557Z","featureIds":["bookmarks"],"prefs":[{"name":"browser.toolbars.bookmarks.visibility","branch":"user","featureId":"bookmarks","variable":"enableBookmarksToolbar","originalValue":null}],"isRollout":false},"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-s

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):4419
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.931553379688595
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:96:gXiNFS+OcPUFEOdwNIOdwBjvYVbsLKvIv8P:gXiNFS+OcUGOdwiOdwBjkYLKQv8P
                                                                                                                                                                                                                                                                                                                                                    MD5:D6A04E5D168216BE90B534D758E20442
                                                                                                                                                                                                                                                                                                                                                    SHA1:5D81E3C9FD1D932AC3270B05F0E7EBAD8811ED14
                                                                                                                                                                                                                                                                                                                                                    SHA-256:15BCC8F4C765CACE84A54245A7AFDB987F7E2A1E7D744850EBFA1A0EB4239F2E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:8DE05D35C72A96352352E0DE826AA3B3EF99ECF0BA5C04A2AF29D914059FB84DCAA233617E20E858BDA25DE24EDF888A8D746253E4A744F165EFBC6D7534BE56
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"bookmarks-toolbar-default-on":{"slug":"bookmarks-toolbar-default-on","branch":{"slug":"treatment-a","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"enableBookmarksToolbar":"always"},"enabled":true,"featureId":"bookmarks"}]},"active":true,"enrollmentId":"d48f64a8-a4ab-4cdd-a650-4b386e41a201","experimentType":"nimbus","source":"rs-loader","userFacingName":"Bookmarks Toolbar Default On","userFacingDescription":"An experiment that turns the bookmarks toolbar on by default.","lastSeen":"2023-10-05T06:20:35.557Z","featureIds":["bookmarks"],"prefs":[{"name":"browser.toolbars.bookmarks.visibility","branch":"user","featureId":"bookmarks","variable":"enableBookmarksToolbar","originalValue":null}],"isRollout":false},"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-s

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):5308
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                                                    MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                                                    SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                                                    SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                                                    SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):5308
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                                                    MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                                                    SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                                                    SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                                                    SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\addons.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):24
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                                    MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                                    SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                                    SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                                    SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\addons.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):24
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                                    MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                                    SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                                    SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                                    SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):262144
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.04905141882491872
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:DLSvwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:DKwae+QtMImelekKDa5
                                                                                                                                                                                                                                                                                                                                                    MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                                                                                                                                                                                                                                                                                                                    SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                                                                                                                                                                                                                                                                                                                    SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                                                                                                                                                                                                                                                                                                                    SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\crashes\store.json.mozlz4 (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):66
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                                    MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                                    SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                                    SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                                    SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\crashes\store.json.mozlz4.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):66
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                                    MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                                    SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                                    SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                                    SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\extensions.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.185052013683835
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:768:AI4wvfCXh496G4C4U1W4z4xuHhvp4N4Tc4Z4S4t24U:AruBv3
                                                                                                                                                                                                                                                                                                                                                    MD5:10E2D85FEF0DB266E519048D63617FA8
                                                                                                                                                                                                                                                                                                                                                    SHA1:EBB307C44EBEFFA271AC58FDDE5C3A1BA52AE7B0
                                                                                                                                                                                                                                                                                                                                                    SHA-256:92143A48F55639B5BD01385D0E4E78EDED4F84401A91C12AC06251EE188CFE0E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:164CBE725B44020AD40D165A1B1C242A7016ED8933AB9502D0D38E6CD99887D9DF49533DE54068AA4E5D8476C7791B52518A8477B8961475B7CB2C3AF54B81B1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{87ef1fa3-cb84-4bbf-a615-45a1d14b629d}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\extensions.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.185052013683835
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:768:AI4wvfCXh496G4C4U1W4z4xuHhvp4N4Tc4Z4S4t24U:AruBv3
                                                                                                                                                                                                                                                                                                                                                    MD5:10E2D85FEF0DB266E519048D63617FA8
                                                                                                                                                                                                                                                                                                                                                    SHA1:EBB307C44EBEFFA271AC58FDDE5C3A1BA52AE7B0
                                                                                                                                                                                                                                                                                                                                                    SHA-256:92143A48F55639B5BD01385D0E4E78EDED4F84401A91C12AC06251EE188CFE0E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:164CBE725B44020AD40D165A1B1C242A7016ED8933AB9502D0D38E6CD99887D9DF49533DE54068AA4E5D8476C7791B52518A8477B8961475B7CB2C3AF54B81B1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{87ef1fa3-cb84-4bbf-a615-45a1d14b629d}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                                    MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                                    SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                                    SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                                    SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                                    MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                                    SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                                    SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                    Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                                    • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: px4Y74kUj2.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: 4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                                    MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                                    SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                                    SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                    Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                                    • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: px4Y74kUj2.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: 4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):116
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                                    MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                                    SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                                    SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                                    SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):116
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                                    MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                                    SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                                    SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                                    SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\permissions.sqlite

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.07330954253084002
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12:DBl/A0OWla0mwPxRymgObsCVR45wcYR4fmnsCVR4zki:DLhesh7Owd4+ji
                                                                                                                                                                                                                                                                                                                                                    MD5:A842B5AC12902828AF9DEB27BEE27143
                                                                                                                                                                                                                                                                                                                                                    SHA1:3D5F0C727A26B0A202807BD0F6C27AEA58BE9ECA
                                                                                                                                                                                                                                                                                                                                                    SHA-256:391D683FA419A9256B3E1E276CB8C5DF420079B132F2B501AFADAB241AF13391
                                                                                                                                                                                                                                                                                                                                                    SHA-512:9D77701C2884A1BAC1A17DFB94D2AC21AC5952AA0D2F30F1F9C531ACEE930200C62543A333F1AF449895E351A4A4106867F8CD60D77822679888F55351CC3FA6
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j......~s..F~s........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.039629310946426154
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:GHlhVi7YndYFlhVi7YndYslol8a9//Ylll4llqlyllel4lt:G7Vi8aJVi8asGL9XIwlio
                                                                                                                                                                                                                                                                                                                                                    MD5:8D743CAE3AC101AA74E6249F25D33688
                                                                                                                                                                                                                                                                                                                                                    SHA1:6C5CFE168C7C035F0DE0D53B15CD6EBE372BB68D
                                                                                                                                                                                                                                                                                                                                                    SHA-256:8BA66A65DA79DAE40EF7FCDEA52211574735205A8E5BCE172D4F2313622793BF
                                                                                                                                                                                                                                                                                                                                                    SHA-512:572314EB11C3A5C3788F9C6A46EFAD79E9C792B9B7C0BB923FB097FF1F7733BB5D0741DFD3083A75BAA9689977A7D8FD60501186FD5E748D9F9719001176D045
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:..-...........................z3.&u.z..M..=..}Z...-...........................z3.&u.z..M..=..}Z.........................................................'...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):163992
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.09520620911300949
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:KQy8jP/M7tyrHLxs9YCiyNo5xsMldCCQE/TSKCrsCs81xsayAytG4gmwlk2iEg:51Pot8sKJzJKDC8XVyAOG4U2
                                                                                                                                                                                                                                                                                                                                                    MD5:0EF0E09A387017B3103B0B0BBEB835CF
                                                                                                                                                                                                                                                                                                                                                    SHA1:FD4CFBBAE640FE0C2ADCEB3DE9614271B5012B0C
                                                                                                                                                                                                                                                                                                                                                    SHA-256:7DF545D73449A8EA1CD101357A1EA7FE92D7AC6AA319362C582D38D6A07D5E1E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:A389974A926DD73D6DF6A00A0C0D09ECE45DBB70307BF125F4AF8FDE9B7EFD51A2D1D6EE9FE6EB8F5C665CEB1F4F4E3B2AC4D757A8A5EF89261E31EB6C32D354
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:7....-...........&u.z..M.<)..W...........&u.z..MT...$.<.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):14081
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.468214952557115
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:192:ynTFTRRUYbBp61LZNMGaXy6qU4OTzy+/3/7KQS5RYiNBw8sbSl:YKeQFNMlRvyCKrdw90
                                                                                                                                                                                                                                                                                                                                                    MD5:173806A917965E34CB770C3E5915822D
                                                                                                                                                                                                                                                                                                                                                    SHA1:EB90515ABFB35C120BDDF35D0A0C0CA2F38FA37E
                                                                                                                                                                                                                                                                                                                                                    SHA-256:AA120C51B44CD01525DD0B75D60477D66A15DFAACA5A856CEF8E47B1ACD7D6B9
                                                                                                                                                                                                                                                                                                                                                    SHA-512:68B136D81973B5C0D3BC283922E182ADD5E216A2F0AD437360E400FC6008B9887FF24D129DDFAA8A6DBD4F4A45B53AE70BA1AFD876A5FD9D868F46E241C6A539
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1739643589);..user_pref("app.update.lastUpdateTime.background-update-timer", 1739643589);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1739643589);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 173964

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):14081
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.468214952557115
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:192:ynTFTRRUYbBp61LZNMGaXy6qU4OTzy+/3/7KQS5RYiNBw8sbSl:YKeQFNMlRvyCKrdw90
                                                                                                                                                                                                                                                                                                                                                    MD5:173806A917965E34CB770C3E5915822D
                                                                                                                                                                                                                                                                                                                                                    SHA1:EB90515ABFB35C120BDDF35D0A0C0CA2F38FA37E
                                                                                                                                                                                                                                                                                                                                                    SHA-256:AA120C51B44CD01525DD0B75D60477D66A15DFAACA5A856CEF8E47B1ACD7D6B9
                                                                                                                                                                                                                                                                                                                                                    SHA-512:68B136D81973B5C0D3BC283922E182ADD5E216A2F0AD437360E400FC6008B9887FF24D129DDFAA8A6DBD4F4A45B53AE70BA1AFD876A5FD9D868F46E241C6A539
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1739643589);..user_pref("app.update.lastUpdateTime.background-update-timer", 1739643589);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1739643589);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 173964

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\protections.sqlite

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:lSGBl/l/zl9l/AltllPltlnKollzvulJOlzALRWemFxu7TuRjBFbrl58lcV+wgn8:ltBl/lqN1K4BEJYqWvLue3FMOrMZ0l
                                                                                                                                                                                                                                                                                                                                                    MD5:60C09456D6362C6FBED48C69AA342C3C
                                                                                                                                                                                                                                                                                                                                                    SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                                                                                                                                                                                                                                                                                                                    SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                                                                                                                                                                                                                                                                                                                    SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                    MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                    SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                    SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                    SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                    MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                    SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                    SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                    SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionstore-backups\recovery.baklz4 (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1573
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.332913401963869
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:v+USUGlcAxSMbl+LXnIgi/pnxQwRlszT5sKL0IKsHVvwKXT4amhujJmyOOxmOmaR:GUpOxB+ynR66sNwCT44JNKRh4
                                                                                                                                                                                                                                                                                                                                                    MD5:BDA1D2F6CCF8565172C11C15D01393FD
                                                                                                                                                                                                                                                                                                                                                    SHA1:6F50072667C0815EECA5737DF6AF3D57A6A75687
                                                                                                                                                                                                                                                                                                                                                    SHA-256:6EFD64A8006E13EDC874B8DEC53C7030DAC1A2CA06000674B8AF16347D6BFC50
                                                                                                                                                                                                                                                                                                                                                    SHA-512:55B8576F79CC04E0D669883B7AB47EA92425E2F3D68CC0E08A7B8E25EE6566812AD5E97DA9C1FF6E10CA8A8C2C64612A8058779D46E32D1E1922718563268A13
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{4cf14dac-a5cb-4d7b-9061-6e1250308bf9}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1739643594040,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...46f3a197-db49-410a-81b3-94975c835573","zD..1...Wm..l........j..:....1":{..jUpdate.....wtartTim..P59223...centCrash..B0},".....Dcook....host":"addons.mozilla.org","valu...Abfc0b67c202aaf415a5b7a51708a5c3270bb6f2f7664428a48797f00afbef6fc","path":"/","na..a"taarI|.Recure...,`.Donly..fexpiry...69106,"originA...

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1573
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.332913401963869
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:v+USUGlcAxSMbl+LXnIgi/pnxQwRlszT5sKL0IKsHVvwKXT4amhujJmyOOxmOmaR:GUpOxB+ynR66sNwCT44JNKRh4
                                                                                                                                                                                                                                                                                                                                                    MD5:BDA1D2F6CCF8565172C11C15D01393FD
                                                                                                                                                                                                                                                                                                                                                    SHA1:6F50072667C0815EECA5737DF6AF3D57A6A75687
                                                                                                                                                                                                                                                                                                                                                    SHA-256:6EFD64A8006E13EDC874B8DEC53C7030DAC1A2CA06000674B8AF16347D6BFC50
                                                                                                                                                                                                                                                                                                                                                    SHA-512:55B8576F79CC04E0D669883B7AB47EA92425E2F3D68CC0E08A7B8E25EE6566812AD5E97DA9C1FF6E10CA8A8C2C64612A8058779D46E32D1E1922718563268A13
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{4cf14dac-a5cb-4d7b-9061-6e1250308bf9}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1739643594040,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...46f3a197-db49-410a-81b3-94975c835573","zD..1...Wm..l........j..:....1":{..jUpdate.....wtartTim..P59223...centCrash..B0},".....Dcook....host":"addons.mozilla.org","valu...Abfc0b67c202aaf415a5b7a51708a5c3270bb6f2f7664428a48797f00afbef6fc","path":"/","na..a"taarI|.Recure...,`.Donly..fexpiry...69106,"originA...

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1573
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.332913401963869
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:v+USUGlcAxSMbl+LXnIgi/pnxQwRlszT5sKL0IKsHVvwKXT4amhujJmyOOxmOmaR:GUpOxB+ynR66sNwCT44JNKRh4
                                                                                                                                                                                                                                                                                                                                                    MD5:BDA1D2F6CCF8565172C11C15D01393FD
                                                                                                                                                                                                                                                                                                                                                    SHA1:6F50072667C0815EECA5737DF6AF3D57A6A75687
                                                                                                                                                                                                                                                                                                                                                    SHA-256:6EFD64A8006E13EDC874B8DEC53C7030DAC1A2CA06000674B8AF16347D6BFC50
                                                                                                                                                                                                                                                                                                                                                    SHA-512:55B8576F79CC04E0D669883B7AB47EA92425E2F3D68CC0E08A7B8E25EE6566812AD5E97DA9C1FF6E10CA8A8C2C64612A8058779D46E32D1E1922718563268A13
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{4cf14dac-a5cb-4d7b-9061-6e1250308bf9}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1739643594040,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...46f3a197-db49-410a-81b3-94975c835573","zD..1...Wm..l........j..:....1":{..jUpdate.....wtartTim..P59223...centCrash..B0},".....Dcook....host":"addons.mozilla.org","valu...Abfc0b67c202aaf415a5b7a51708a5c3270bb6f2f7664428a48797f00afbef6fc","path":"/","na..a"taarI|.Recure...,`.Donly..fexpiry...69106,"originA...

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage.sqlite

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 131075, last written using SQLite version 3042000, page size 512, file counter 4, database pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):4096
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):2.042811512334329
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:JBkSldh/cEUcR9PzNFPFHx/GJRBdkOrDcRB1trwDeAq2gRMyxr3:jkSWEUo9LXtR+JdkOnohYsl
                                                                                                                                                                                                                                                                                                                                                    MD5:21235938025E2102017AC8C9748948A4
                                                                                                                                                                                                                                                                                                                                                    SHA1:A1EED1C4588724A8396C95FC9923C0A33B360FF8
                                                                                                                                                                                                                                                                                                                                                    SHA-256:E34B06B180E3F73DC8E441650BB7FE694A9D58E927412D6ED40B0852B784824E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:D334B419A2A75179C17D7F53BF65FCC132ADE03B21059F0007ACDBB08284A281D8CE1C1CC598E6A070024D0DAE158E2E9618E121342BE068E87A051FE33D6061
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\targeting.snapshot.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):4411
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.009782503816822
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:YrSAYfHqUQZpExB1+anOdW6VhOGVpWJzzcsYMsku7f86SLAVL775FtsfAcbyJFde:ycfCTEr5NfJzzcBvbw6Kkvrc2Rn27
                                                                                                                                                                                                                                                                                                                                                    MD5:C242E2107E597C4E0243A03CE4FE462F
                                                                                                                                                                                                                                                                                                                                                    SHA1:9A67C1CC7B4E36B5904F25D8DBB1F59FC2CB1FFC
                                                                                                                                                                                                                                                                                                                                                    SHA-256:D3CB91BEBC4118DF689DD1D73F67E30FBD98F819739E8F7BB485658219151B86
                                                                                                                                                                                                                                                                                                                                                    SHA-512:69E029ED9FB6931A1E5D19D2FCF118DDA6BA0577F95ADA2113D0ACC3ADCCA248787817C3ADC17D1DD5BF20C1B7813855D6F2FA636EB70E50228466E65F1A30FA
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-15T18:19:36.469Z","profileAgeCreated":1696486829272,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\targeting.snapshot.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):4411
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.009782503816822
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:YrSAYfHqUQZpExB1+anOdW6VhOGVpWJzzcsYMsku7f86SLAVL775FtsfAcbyJFde:ycfCTEr5NfJzzcBvbw6Kkvrc2Rn27
                                                                                                                                                                                                                                                                                                                                                    MD5:C242E2107E597C4E0243A03CE4FE462F
                                                                                                                                                                                                                                                                                                                                                    SHA1:9A67C1CC7B4E36B5904F25D8DBB1F59FC2CB1FFC
                                                                                                                                                                                                                                                                                                                                                    SHA-256:D3CB91BEBC4118DF689DD1D73F67E30FBD98F819739E8F7BB485658219151B86
                                                                                                                                                                                                                                                                                                                                                    SHA-512:69E029ED9FB6931A1E5D19D2FCF118DDA6BA0577F95ADA2113D0ACC3ADCCA248787817C3ADC17D1DD5BF20C1B7813855D6F2FA636EB70E50228466E65F1A30FA
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-15T18:19:36.469Z","profileAgeCreated":1696486829272,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                                    Static File Info

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.703402848309974
                                                                                                                                                                                                                                                                                                                                                    TrID:
                                                                                                                                                                                                                                                                                                                                                    • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                                                    • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                                    • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                                    File name:random.exe
                                                                                                                                                                                                                                                                                                                                                    File size:970'752 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5:bca58035430238fde9990df16040d699
                                                                                                                                                                                                                                                                                                                                                    SHA1:12e1f30c10f8d228e70d28bd6e315679d91aa46e
                                                                                                                                                                                                                                                                                                                                                    SHA256:6c64e6e99e9173fd2233d7f6afe27d80d47a377eaa624ee1ca7cc0df803c5cbb
                                                                                                                                                                                                                                                                                                                                                    SHA512:9c406772c7cd60374ba75e7a578c1bcb9319c6067bec6bb55c8f8a0176c5f0d4a71e8bc013bf51fba1d3fae5d9d7b1f97703029128602b77dcc0136fc6dd8d12
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24576:LqDEvCTbMWu7rQYlBQcBiT6rprG8a9xSma:LTvC/MTQYxsWR7a9x
                                                                                                                                                                                                                                                                                                                                                    TLSH:3A259E0273D1C062FF9B92334B5AF6515BBC69260123E61F13A81DB9BE701B1563E7A3
                                                                                                                                                                                                                                                                                                                                                    File Content Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z....

                                                                                                                                                                                                                                                                                                                                                    File Icon

                                                                                                                                                                                                                                                                                                                                                    Icon Hash:aaf3e3e3938382a0

                                                                                                                                                                                                                                                                                                                                                    Static PE Info

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Entrypoint:0x420577
                                                                                                                                                                                                                                                                                                                                                    Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                                    Digitally signed:false
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                                    Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                                    Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                                    DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                                    Time Stamp:0x67B0B253 [Sat Feb 15 15:27:15 2025 UTC]
                                                                                                                                                                                                                                                                                                                                                    TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                                    CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                                    OS Version Major:5
                                                                                                                                                                                                                                                                                                                                                    OS Version Minor:1
                                                                                                                                                                                                                                                                                                                                                    File Version Major:5
                                                                                                                                                                                                                                                                                                                                                    File Version Minor:1
                                                                                                                                                                                                                                                                                                                                                    Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                                                    Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                                                    Import Hash:948cc502fe9226992dce9417f952fce3

                                                                                                                                                                                                                                                                                                                                                    Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                                    Instruction
                                                                                                                                                                                                                                                                                                                                                    call 00007F4650D91B43h
                                                                                                                                                                                                                                                                                                                                                    jmp 00007F4650D9144Fh
                                                                                                                                                                                                                                                                                                                                                    push ebp
                                                                                                                                                                                                                                                                                                                                                    mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                    push esi
                                                                                                                                                                                                                                                                                                                                                    push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                    mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                    call 00007F4650D9162Dh
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [esi], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                                    mov eax, esi
                                                                                                                                                                                                                                                                                                                                                    pop esi
                                                                                                                                                                                                                                                                                                                                                    pop ebp
                                                                                                                                                                                                                                                                                                                                                    retn 0004h
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    mov eax, ecx
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx+04h], 0049FDF8h
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                                    ret
                                                                                                                                                                                                                                                                                                                                                    push ebp
                                                                                                                                                                                                                                                                                                                                                    mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                    push esi
                                                                                                                                                                                                                                                                                                                                                    push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                    mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                    call 00007F4650D915FAh
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [esi], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                                    mov eax, esi
                                                                                                                                                                                                                                                                                                                                                    pop esi
                                                                                                                                                                                                                                                                                                                                                    pop ebp
                                                                                                                                                                                                                                                                                                                                                    retn 0004h
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    mov eax, ecx
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx+04h], 0049FE14h
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                                    ret
                                                                                                                                                                                                                                                                                                                                                    push ebp
                                                                                                                                                                                                                                                                                                                                                    mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                    push esi
                                                                                                                                                                                                                                                                                                                                                    mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                    lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [eax], 00000000h
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [eax+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    push eax
                                                                                                                                                                                                                                                                                                                                                    mov eax, dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                    add eax, 04h
                                                                                                                                                                                                                                                                                                                                                    push eax
                                                                                                                                                                                                                                                                                                                                                    call 00007F4650D941EDh
                                                                                                                                                                                                                                                                                                                                                    pop ecx
                                                                                                                                                                                                                                                                                                                                                    pop ecx
                                                                                                                                                                                                                                                                                                                                                    mov eax, esi
                                                                                                                                                                                                                                                                                                                                                    pop esi
                                                                                                                                                                                                                                                                                                                                                    pop ebp
                                                                                                                                                                                                                                                                                                                                                    retn 0004h
                                                                                                                                                                                                                                                                                                                                                    lea eax, dword ptr [ecx+04h]
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                    push eax
                                                                                                                                                                                                                                                                                                                                                    call 00007F4650D94238h
                                                                                                                                                                                                                                                                                                                                                    pop ecx
                                                                                                                                                                                                                                                                                                                                                    ret
                                                                                                                                                                                                                                                                                                                                                    push ebp
                                                                                                                                                                                                                                                                                                                                                    mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                    push esi
                                                                                                                                                                                                                                                                                                                                                    mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                    lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                    push eax
                                                                                                                                                                                                                                                                                                                                                    call 00007F4650D94221h
                                                                                                                                                                                                                                                                                                                                                    test byte ptr [ebp+08h], 00000001h
                                                                                                                                                                                                                                                                                                                                                    pop ecx

                                                                                                                                                                                                                                                                                                                                                    Rich Headers

                                                                                                                                                                                                                                                                                                                                                    Programming Language:
                                                                                                                                                                                                                                                                                                                                                    • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                                                                                    • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                                                                                                                                    Data Directories

                                                                                                                                                                                                                                                                                                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0xc8e640x17c.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0xd40000x16478.rsrc
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0xeb0000x7594.reloc
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0xb0ff00x1c.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_TLS0xc34000x18.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xb10100x40.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x9c0000x894.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                                    Sections

                                                                                                                                                                                                                                                                                                                                                    NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                                    .text0x10000x9ab1d0x9ac000a1473f3064dcbc32ef93c5c8a90f3a6False0.565500681542811data6.668273581389308IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                    .rdata0x9c0000x2fb820x2fc00c9cf2468b60bf4f80f136ed54b3989fbFalse0.35289185209424084data5.691811547483722IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                    .data0xcc0000x706c0x480053b9025d545d65e23295e30afdbd16d9False0.04356553819444445DOS executable (block device driver @\273\)0.5846666986982398IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                                    .rsrc0xd40000x164780x166004d0be74dd98be48d52e9475d3bd7a54cFalse0.7017610858938548data7.175656214223087IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                    .reloc0xeb0000x75940x7600c68ee8931a32d45eb82dc450ee40efc3False0.7628111758474576data6.7972128181359786IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                                    Resources

                                                                                                                                                                                                                                                                                                                                                    NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd45f00x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd47180x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd48400x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd49680x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd4c500x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishGreat Britain0.5
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd4d780xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishGreat Britain0.2835820895522388
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd5c200x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishGreat Britain0.37906137184115524
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd64c80x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishGreat Britain0.23699421965317918
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd6a300x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishGreat Britain0.13858921161825727
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd8fd80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishGreat Britain0.25070356472795496
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xda0800x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishGreat Britain0.3173758865248227
                                                                                                                                                                                                                                                                                                                                                    RT_MENU0xda4e80x50dataEnglishGreat Britain0.9
                                                                                                                                                                                                                                                                                                                                                    RT_DIALOG0xda5380xfcdataEnglishGreat Britain0.6507936507936508
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xda6340x594dataEnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdabc80x68adataEnglishGreat Britain0.2735961768219833
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdb2540x490dataEnglishGreat Britain0.3715753424657534
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdb6e40x5fcdataEnglishGreat Britain0.3087467362924282
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdbce00x65cdataEnglishGreat Britain0.34336609336609336
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdc33c0x466dataEnglishGreat Britain0.3605683836589698
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdc7a40x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishGreat Britain0.502906976744186
                                                                                                                                                                                                                                                                                                                                                    RT_RCDATA0xdc8fc0xd5fadata1.000474643104896
                                                                                                                                                                                                                                                                                                                                                    RT_GROUP_ICON0xe9ef80x76dataEnglishGreat Britain0.6610169491525424
                                                                                                                                                                                                                                                                                                                                                    RT_GROUP_ICON0xe9f700x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                                    RT_GROUP_ICON0xe9f840x14dataEnglishGreat Britain1.15
                                                                                                                                                                                                                                                                                                                                                    RT_GROUP_ICON0xe9f980x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                                    RT_VERSION0xe9fac0xdcdataEnglishGreat Britain0.6181818181818182
                                                                                                                                                                                                                                                                                                                                                    RT_MANIFEST0xea0880x3efASCII text, with CRLF line terminatorsEnglishGreat Britain0.5074478649453823

                                                                                                                                                                                                                                                                                                                                                    Imports

                                                                                                                                                                                                                                                                                                                                                    DLLImport
                                                                                                                                                                                                                                                                                                                                                    WSOCK32.dllgethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect
                                                                                                                                                                                                                                                                                                                                                    VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
                                                                                                                                                                                                                                                                                                                                                    WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                                                                                                                                                                                                                                                                                                                    COMCTL32.dllImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create
                                                                                                                                                                                                                                                                                                                                                    MPR.dllWNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W
                                                                                                                                                                                                                                                                                                                                                    WININET.dllHttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable
                                                                                                                                                                                                                                                                                                                                                    PSAPI.DLLGetProcessMemoryInfo
                                                                                                                                                                                                                                                                                                                                                    IPHLPAPI.DLLIcmpSendEcho, IcmpCloseHandle, IcmpCreateFile
                                                                                                                                                                                                                                                                                                                                                    USERENV.dllDestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile
                                                                                                                                                                                                                                                                                                                                                    UxTheme.dllIsThemeActive
                                                                                                                                                                                                                                                                                                                                                    KERNEL32.dllDuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW
                                                                                                                                                                                                                                                                                                                                                    USER32.dllGetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient
                                                                                                                                                                                                                                                                                                                                                    GDI32.dllEndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath
                                                                                                                                                                                                                                                                                                                                                    COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                                                                                                                                                                                                                                                                                                                    ADVAPI32.dllGetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW
                                                                                                                                                                                                                                                                                                                                                    SHELL32.dllDragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW
                                                                                                                                                                                                                                                                                                                                                    ole32.dllCoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket
                                                                                                                                                                                                                                                                                                                                                    OLEAUT32.dllCreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture

                                                                                                                                                                                                                                                                                                                                                    Version Infos

                                                                                                                                                                                                                                                                                                                                                    DescriptionData
                                                                                                                                                                                                                                                                                                                                                    Translation0x0809 0x04b0

                                                                                                                                                                                                                                                                                                                                                    Possible Origin

                                                                                                                                                                                                                                                                                                                                                    Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                                                    EnglishGreat Britain

                                                                                                                                                                                                                                                                                                                                                    Network Behavior

                                                                                                                                                                                                                                                                                                                                                    Network Port Distribution

                                                                                                                                                                                                                                                                                                                                                    TCP Packets

                                                                                                                                                                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434037924 CET49778443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434079885 CET44349778172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434163094 CET49779443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434253931 CET44349779172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434317112 CET4978080192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434786081 CET49778443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434793949 CET49779443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.439260960 CET804978034.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.439531088 CET49778443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.439546108 CET44349778172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.440494061 CET4978080192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.441237926 CET49779443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.441276073 CET44349779172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.441508055 CET49782443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.441550970 CET4434978235.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.441569090 CET4978080192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.443733931 CET49782443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.445034027 CET49782443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.445056915 CET4434978235.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.446322918 CET804978034.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.721049070 CET49784443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.721138954 CET4434978434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.721554041 CET49784443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.723042011 CET49784443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.723059893 CET4434978434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.731934071 CET49785443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.731960058 CET4434978534.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.732197046 CET49785443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.733333111 CET49785443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.733350039 CET4434978534.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.733999014 CET49786443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.734009027 CET4434978635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.741381884 CET49786443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.741601944 CET49786443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.741616011 CET4434978635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.898943901 CET804978034.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.916307926 CET4434978235.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.916387081 CET49782443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.941905022 CET4978080192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.081959009 CET44349778172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.082035065 CET49778443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.082699060 CET44349778172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.082758904 CET49778443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.087243080 CET44349779172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.087347031 CET49779443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.088295937 CET44349779172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.088433981 CET49779443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.199229956 CET4434978534.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.199335098 CET49785443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.206687927 CET4434978635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.206707954 CET4434978635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.206784010 CET49786443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.208100080 CET4434978434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.208205938 CET49784443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.664572954 CET49786443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.664602995 CET4434978635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.665055990 CET4434978635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.669521093 CET49779443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.669553995 CET44349779172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.669830084 CET44349779172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.669863939 CET49779443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.669878006 CET44349779172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.670011044 CET49778443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.670031071 CET44349778172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.670370102 CET44349778172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.670409918 CET49778443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.670416117 CET44349778172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.672971010 CET49782443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.673012018 CET4434978235.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.673237085 CET4434978235.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.673393011 CET49782443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.673402071 CET4434978235.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676049948 CET49784443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676103115 CET4434978434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676299095 CET4434978434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676480055 CET49785443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676497936 CET4434978534.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676572084 CET49784443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676590919 CET4434978434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676717043 CET4434978534.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676737070 CET49785443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676744938 CET4434978534.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676872015 CET49786443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.676963091 CET49786443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.677043915 CET4434978635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.678302050 CET49786443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.678626060 CET49786443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.875365019 CET44349779172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.875449896 CET49779443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.879328012 CET44349778172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.879334927 CET4434978235.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.879385948 CET49778443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.879440069 CET49782443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.883336067 CET4434978434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.883337021 CET4434978534.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.883457899 CET49785443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:06.883459091 CET49784443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.004092932 CET49796443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.004143000 CET4434979634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.004416943 CET49797443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.004462004 CET4434979734.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.004652977 CET49798443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.004664898 CET4434979834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.004760981 CET49799443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.004770994 CET4434979934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.005346060 CET49796443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.005359888 CET49797443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.005359888 CET49799443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.005378962 CET49798443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.007056952 CET49796443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.007095098 CET4434979634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.008435965 CET49797443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.008454084 CET4434979734.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.009685993 CET49799443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.009699106 CET4434979934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.010948896 CET49798443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.010974884 CET4434979834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.012331963 CET4978080192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.017333984 CET804978034.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.021689892 CET4978080192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.472038031 CET4434979934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.472445965 CET4434979734.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.474328995 CET49799443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.474510908 CET49797443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480283976 CET49799443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480307102 CET4434979934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480385065 CET49797443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480405092 CET4434979734.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480416059 CET49799443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480459929 CET4434979934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480526924 CET49797443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480632067 CET4434979734.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480808973 CET49799443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.480878115 CET49797443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.481520891 CET49802443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.481564999 CET4434980234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.482081890 CET49802443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.482172012 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.482268095 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.482398033 CET49802443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.482410908 CET4434980234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.490293980 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.490308046 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.490385056 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.490535975 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.490583897 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.490619898 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.493416071 CET4434979634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.493500948 CET49796443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.498342037 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.498358011 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.498472929 CET49796443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.498498917 CET4434979634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.498548985 CET49796443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.498723030 CET4434979634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.500921011 CET49796443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.525574923 CET4434979834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.525650024 CET49798443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.530474901 CET49798443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.530488014 CET4434979834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.530561924 CET49798443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.530759096 CET4434979834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.530909061 CET49798443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.563891888 CET49806443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.563940048 CET4434980634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.570296049 CET49806443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.571600914 CET49806443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.571619987 CET4434980634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.602366924 CET49807443192.168.2.634.209.7.244
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.602406025 CET4434980734.209.7.244192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.603590965 CET49807443192.168.2.634.209.7.244
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.605079889 CET49807443192.168.2.634.209.7.244
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.605096102 CET4434980734.209.7.244192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.937423944 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.937768936 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.966825962 CET4434980234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.966908932 CET49802443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.973366022 CET49802443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.973381996 CET4434980234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.973686934 CET4434980234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.976269007 CET49802443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.976394892 CET49802443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.976449966 CET4434980234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.976814985 CET49812443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.976854086 CET4434981234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.976862907 CET49802443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.977003098 CET49812443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.977204084 CET49812443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.977212906 CET4434981234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.986819029 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.986944914 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.059936047 CET4434980634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.061400890 CET49806443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.066637993 CET49806443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.066654921 CET4434980634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.066735983 CET49806443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.066977978 CET4434980634.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.067034960 CET49806443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.381423950 CET4434980734.209.7.244192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.382105112 CET49807443192.168.2.634.209.7.244
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.387706041 CET49807443192.168.2.634.209.7.244
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.387721062 CET4434980734.209.7.244192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.387798071 CET49807443192.168.2.634.209.7.244
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.388017893 CET4434980734.209.7.244192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.388122082 CET49807443192.168.2.634.209.7.244
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.413687944 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.419683933 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.431937933 CET4434981234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.432019949 CET49812443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.435266018 CET49812443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.435277939 CET4434981234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.435568094 CET4434981234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.438457012 CET49812443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.438539982 CET49812443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.438636065 CET4434981234.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.438690901 CET49812443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.509063959 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.528742075 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.533598900 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.557352066 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.623410940 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.673660040 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.177277088 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.182118893 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.271668911 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.322499990 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.044641018 CET49847443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.044678926 CET4434984735.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.044872046 CET49847443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.045625925 CET49847443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.045646906 CET4434984735.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.054800034 CET49848443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.054853916 CET4434984834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.062634945 CET49848443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.079416037 CET49848443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.079452991 CET4434984834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.233866930 CET49851443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.233915091 CET4434985134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.238903046 CET49851443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.240278006 CET49851443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.240300894 CET4434985134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.339972019 CET49854443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.339999914 CET4434985434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.354846954 CET49854443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.359097958 CET49854443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.359111071 CET4434985434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.520170927 CET4434984735.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.529258013 CET49847443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.532140017 CET49847443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.532156944 CET4434984735.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.532399893 CET4434984735.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.534162045 CET49847443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.534270048 CET49847443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.534337997 CET4434984735.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.538741112 CET4434984834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.538758993 CET4434984834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.539072037 CET49847443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.539362907 CET49848443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.546694994 CET49848443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.546715021 CET4434984834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.546777010 CET49848443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.546947956 CET4434984834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.555295944 CET49848443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.573976040 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.578763962 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.611603022 CET49855443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.611639977 CET4434985534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.612920046 CET49855443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.614264965 CET49855443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.614279985 CET4434985534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.668514013 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.674344063 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.679101944 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.716373920 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.721524954 CET4434985134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.721612930 CET49851443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.788363934 CET49851443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.788418055 CET4434985134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.788458109 CET49851443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.788753986 CET4434985134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.791110039 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.792117119 CET49851443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.796049118 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.814629078 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.861673117 CET4434985434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.861687899 CET4434985434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.861768007 CET49854443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.863636017 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.869086027 CET49854443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.869100094 CET4434985434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.869157076 CET49854443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.869342089 CET4434985434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.873362064 CET49854443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.885484934 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.948247910 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:14.237081051 CET4434985534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:14.240442038 CET49855443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:14.846240044 CET49855443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:14.846262932 CET4434985534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:14.846385002 CET49855443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:14.846455097 CET4434985534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:14.847690105 CET49855443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.379672050 CET49895443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.379708052 CET4434989534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.381127119 CET49895443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.381355047 CET49895443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.381370068 CET4434989534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.445777893 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.446638107 CET49896443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.446669102 CET4434989634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.447124958 CET49896443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.447470903 CET49896443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.447484970 CET4434989634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.450604916 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.540180922 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.585184097 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.839251041 CET4434989534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.842088938 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.844398975 CET49900443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.844439983 CET4434990034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.845966101 CET49895443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.845993996 CET49900443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.847081900 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.849721909 CET49895443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.849769115 CET4434989534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.850012064 CET4434989534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.853060007 CET49900443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.853085041 CET4434990034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.853827953 CET49901443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.853843927 CET4434990134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.854121923 CET49901443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.856606960 CET49901443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.856625080 CET4434990134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.858119011 CET49895443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.858268023 CET49895443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.858313084 CET4434989534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.858551025 CET49895443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.910181046 CET4434989634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.912600040 CET49896443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.915704966 CET49896443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.915713072 CET4434989634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.916135073 CET4434989634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.918682098 CET49896443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.918765068 CET49896443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.918986082 CET4434989634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.919059038 CET49896443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.936649084 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.967375994 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.971967936 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.974575043 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.979147911 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.063034058 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.067820072 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.070611954 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.075428009 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.117877960 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.177362919 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.218205929 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.323478937 CET4434990134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.323565960 CET49901443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.327440023 CET49901443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.327454090 CET4434990134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.327663898 CET4434990134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.327694893 CET49901443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.327734947 CET4434990134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.329915047 CET49901443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.335593939 CET4434990034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.335695982 CET49900443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.627974033 CET49900443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.628000021 CET4434990034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.628010988 CET49900443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.628290892 CET4434990034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.628343105 CET49900443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.914448023 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.922307968 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:22.011790037 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:22.051778078 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:22.107443094 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:22.113266945 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:22.226680040 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:22.269812107 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:31.902319908 CET49974443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:31.902373075 CET4434997434.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:31.902445078 CET49974443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:31.904109001 CET49974443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:31.904120922 CET4434997434.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.027602911 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.105658054 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.228169918 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.233127117 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.797410965 CET4434997434.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.801320076 CET49974443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.801903963 CET49974443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.801915884 CET4434997434.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.802001953 CET49974443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.802117109 CET4434997434.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.805257082 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.806090117 CET49974443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.810139894 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.923784018 CET49981443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.923823118 CET4434998135.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.930598021 CET49981443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.930598021 CET49981443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.930635929 CET4434998135.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.941042900 CET49982443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.941107035 CET4434998234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.943806887 CET49982443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.943937063 CET49982443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.943954945 CET4434998234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.945164919 CET49983443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.945178032 CET4434998335.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.946012020 CET49983443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.947441101 CET49983443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.947453976 CET4434998335.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.947782993 CET49984443192.168.2.6151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.947828054 CET44349984151.101.193.91192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.949273109 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.950831890 CET49984443192.168.2.6151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.951134920 CET49984443192.168.2.6151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.951153994 CET44349984151.101.193.91192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.964973927 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.968930960 CET49985443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.968957901 CET4434998534.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.969907045 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.978003025 CET49985443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.979613066 CET49985443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.979626894 CET4434998534.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.999339104 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.074069023 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.115180969 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.427792072 CET4434998234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.427921057 CET49982443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.431016922 CET49982443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.431029081 CET4434998234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.431278944 CET4434998234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.431806087 CET44349984151.101.193.91192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.432281017 CET49984443192.168.2.6151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.434804916 CET49984443192.168.2.6151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.434812069 CET44349984151.101.193.91192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.435045958 CET44349984151.101.193.91192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.436023951 CET49982443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.436120033 CET49982443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.436177015 CET4434998234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.436714888 CET49982443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.437577963 CET49984443192.168.2.6151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.437642097 CET49984443192.168.2.6151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.437724113 CET44349984151.101.193.91192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.437788010 CET49984443192.168.2.6151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.442006111 CET4434998534.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.442025900 CET4434998534.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.442085981 CET49985443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.446199894 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.446890116 CET49985443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.446902990 CET4434998534.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.447094917 CET49985443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.447113991 CET4434998534.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.447309017 CET49985443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.448472023 CET4434998135.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.448483944 CET4434998135.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.450423002 CET49981443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.451080084 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.452884912 CET49981443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.452903986 CET4434998135.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.453146935 CET4434998135.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.453217983 CET49988443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.453248024 CET4434998835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.454551935 CET49988443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.454719067 CET49988443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.454727888 CET4434998835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.455471039 CET4434998335.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.455538034 CET49981443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.455621958 CET49981443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.455755949 CET4434998135.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.457060099 CET49983443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.457228899 CET49981443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.460875988 CET49983443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.460882902 CET4434998335.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.460963964 CET49983443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.461010933 CET4434998335.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.464675903 CET49983443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.465163946 CET49989443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.465184927 CET4434998935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.465248108 CET49989443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.465322971 CET49989443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.465337992 CET4434998935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.468606949 CET49990443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.468631029 CET4434999035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.468852997 CET49990443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.468941927 CET49990443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.468955994 CET4434999035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.472395897 CET49992443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.472404003 CET4434999234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.473011017 CET49992443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.473052025 CET49992443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.473058939 CET4434999234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.540564060 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.544547081 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.549367905 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.585350037 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.638652086 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.685625076 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.908644915 CET4434998835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.908734083 CET49988443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.911794901 CET49988443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.911804914 CET4434998835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.912054062 CET4434998835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.914717913 CET49988443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.914834023 CET49988443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.914894104 CET4434998835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.915227890 CET49988443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.920572996 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.925422907 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.926579952 CET4434999035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.926665068 CET49990443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.929217100 CET49990443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.929227114 CET4434999035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.929461002 CET4434999035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.931638002 CET4434999234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.931907892 CET49992443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.934644938 CET49992443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.934647083 CET49990443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.934665918 CET4434999234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.934792995 CET4434999035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.934900045 CET4434999234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.935026884 CET49990443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.935035944 CET4434999035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.937849045 CET49992443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.937997103 CET49992443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.938008070 CET4434999234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.938015938 CET4434999234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.939539909 CET4434998935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.939659119 CET49989443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.942231894 CET49989443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.942243099 CET4434998935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.942491055 CET4434998935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.944319010 CET49989443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.944402933 CET49989443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.944483042 CET4434998935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.947613001 CET49989443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.947629929 CET49989443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.977040052 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.982868910 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.982943058 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.983076096 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.987844944 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.015775919 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.020207882 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.025976896 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.071202993 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.139389038 CET4434999035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.139492989 CET49990443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.147329092 CET4434999234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.147476912 CET49992443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.152426004 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.206103086 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.681910038 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.681962967 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.682001114 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.682157993 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.683500051 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.683536053 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.683561087 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.683588982 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.683640003 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.684705019 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.684741974 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.684777021 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.684818029 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.685621023 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.685683012 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.686988115 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.687041044 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.687145948 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.688210964 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.688245058 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.688280106 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.688338041 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.767402887 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.767421961 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.767647028 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.767795086 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.767807961 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.767817974 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.767823935 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.767868996 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.767882109 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.769033909 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.769047976 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.769058943 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.769069910 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.769107103 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.769318104 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.770306110 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.774471998 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.774486065 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.774497032 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.774538994 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.774624109 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.774740934 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.774751902 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.774763107 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.774894953 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.776952982 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.776964903 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.777076960 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.777106047 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.777117014 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.777128935 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.777139902 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.777256966 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.779660940 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.779675961 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.779687881 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.779699087 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.779778004 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.779958010 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.780013084 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.858851910 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.858993053 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859006882 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859024048 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859036922 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859122992 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859160900 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859183073 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859194040 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859205961 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859216928 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859225988 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859252930 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859287024 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859888077 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859899998 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859910965 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859921932 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859935045 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859946012 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859956980 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.859961033 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.860045910 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.860837936 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.861011982 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.861022949 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.861187935 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.861556053 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.861569881 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.861625910 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863573074 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863589048 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863603115 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863612890 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863625050 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863635063 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863641024 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863646984 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863676071 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863687038 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863697052 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.863838911 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.864785910 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.864801884 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.864844084 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865153074 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865166903 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865179062 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865190029 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865200996 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865211010 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865212917 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865287066 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865502119 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865514994 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.865567923 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.866517067 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.866528034 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.866540909 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.866595984 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.866678953 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.866689920 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.866717100 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.866781950 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.867222071 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.867234945 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.867245913 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.867285967 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.868705034 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.868720055 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.868773937 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.868832111 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.868845940 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.868856907 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.869004965 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944456100 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944622993 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944634914 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944689989 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944802046 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944818974 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944829941 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944839954 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944850922 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944855928 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944863081 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944874048 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944920063 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.944992065 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945003033 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945013046 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945031881 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945061922 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945142031 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945849895 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945877075 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945923090 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945933104 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.945976019 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946099043 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946122885 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946199894 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946203947 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946212053 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946223021 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946232080 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946249962 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946265936 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946276903 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.946331978 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.948759079 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.948770046 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.948779106 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.948818922 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949284077 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949417114 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949451923 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949630976 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949641943 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949651003 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949661016 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949671984 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949682951 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949693918 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949695110 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.949758053 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950242996 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950298071 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950339079 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950376034 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950392008 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950412989 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950448036 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950450897 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950491905 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950526953 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950535059 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950563908 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950598955 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950634956 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950670958 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950721025 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.950774908 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951601028 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951662064 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951705933 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951740980 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951776981 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951797962 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951829910 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951865911 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951915979 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951925993 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951951981 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951982975 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.951987028 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952023983 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952040911 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952058077 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952092886 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952126980 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952162027 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952178001 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952440977 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952476025 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952510118 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952510118 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.952570915 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.953794003 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.953825951 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.953898907 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.953958035 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954349995 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954385042 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954421043 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954441071 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954502106 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954540968 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954576969 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954612017 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954647064 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954680920 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954699039 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954716921 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.954790115 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955043077 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955080032 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955115080 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955149889 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955177069 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955185890 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955220938 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955255985 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955261946 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955291033 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955307961 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955354929 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955360889 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955395937 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955410004 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955432892 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955446005 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.955495119 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153263092 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153311968 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153347015 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153399944 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153434038 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153470039 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153503895 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153556108 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153592110 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153630018 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153635979 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153664112 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153702021 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153738022 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153773069 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153772116 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153809071 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153862000 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153882027 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153915882 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153951883 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.153985023 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154002905 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154038906 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154073000 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154076099 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154113054 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154139042 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154148102 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154179096 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154196978 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154211998 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154249907 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154284000 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154294014 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154320002 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154354095 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154355049 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154391050 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154411077 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154426098 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154460907 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154495955 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154515028 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154530048 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154561996 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154583931 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154623032 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154653072 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154659033 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154687881 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154706955 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154726028 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154777050 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154795885 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154831886 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154866934 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154882908 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154903889 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154937983 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154973030 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.154973030 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155009031 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155021906 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155042887 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155073881 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155123949 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155128956 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155158997 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155190945 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155194998 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155230045 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155245066 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155283928 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155350924 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155354023 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155385017 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155441046 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155476093 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155510902 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155539036 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155564070 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155577898 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155594110 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155610085 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155625105 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155636072 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155646086 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155654907 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155664921 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155675888 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155687094 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155697107 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155708075 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155718088 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155729055 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155740976 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155754089 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155762911 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155774117 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155791044 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155801058 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155811071 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155822039 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155833006 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155843019 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155853033 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155864954 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155874968 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155885935 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155899048 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155937910 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155949116 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155965090 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155966997 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155977964 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155987024 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.155997038 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156007051 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156018972 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156028986 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156039953 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156049967 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156060934 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156078100 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156090021 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156100035 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156115055 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156122923 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156131029 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156137943 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156143904 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156152010 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156158924 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156161070 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156166077 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156182051 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156188011 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156188965 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156191111 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156196117 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156200886 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156239033 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156254053 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156264067 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156275988 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156292915 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156295061 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156299114 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156308889 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156322956 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156341076 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156352997 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156352997 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156363964 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156377077 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156388044 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156398058 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156409025 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156419039 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156430006 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156440973 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156452894 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156459093 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156470060 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156480074 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156483889 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156491995 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156502962 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156507969 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156517029 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156529903 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156539917 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156549931 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156562090 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156615019 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156677961 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156730890 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156790018 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156846046 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.156919956 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.157016039 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.161777973 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.161807060 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.161818981 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.161875010 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.161925077 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162024021 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162074089 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162086964 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162097931 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162110090 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162121058 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162130117 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162142992 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162156105 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162168026 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162164927 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162180901 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162194967 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162198067 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162210941 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162223101 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162282944 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162285089 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162300110 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162306070 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162322998 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162336111 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162348032 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162358999 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162396908 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162492037 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162512064 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162663937 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162677050 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162689924 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162702084 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162714958 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162729025 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162764072 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162807941 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162821054 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162832975 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162844896 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.162928104 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163028955 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163043022 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163054943 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163068056 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163079977 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163094044 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163105011 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163111925 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163117886 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163120031 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163130999 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163199902 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163222075 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163233995 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163245916 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163259029 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163270950 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163285017 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163362026 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163362026 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163434982 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163448095 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163532972 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163959980 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163975000 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163986921 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.163991928 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164005041 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164017916 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164082050 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164100885 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164113998 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164127111 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164138079 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164156914 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164165974 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164171934 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164176941 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164254904 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.164371014 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.946706057 CET6356753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.951539040 CET53635671.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.952332973 CET6356753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.952332973 CET6356753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.957210064 CET53635671.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:36.420376062 CET53635671.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:36.421221972 CET6356753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:36.426278114 CET53635671.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:36.426359892 CET6356753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:36.963989019 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:36.973227978 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.058625937 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.061985970 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.066812038 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.110707045 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.158538103 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.211009026 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:40.645026922 CET5639253192.168.2.6162.159.36.2
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:40.649805069 CET5356392162.159.36.2192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:40.649887085 CET5639253192.168.2.6162.159.36.2
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:40.654680967 CET5356392162.159.36.2192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:41.241588116 CET5639253192.168.2.6162.159.36.2
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:41.248773098 CET5356392162.159.36.2192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:41.248832941 CET5639253192.168.2.6162.159.36.2
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:45.165980101 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:45.172801018 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:47.071748972 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:47.076627016 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:47.172091007 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:47.176846981 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.844364882 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.849206924 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.939404964 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.943142891 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.947946072 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.959587097 CET56396443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.959625006 CET4435639634.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.972385883 CET56396443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.973957062 CET56396443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.973975897 CET4435639634.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.989132881 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.041229963 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.089440107 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.432868004 CET4435639634.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.432887077 CET4435639634.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.432977915 CET56396443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.438134909 CET56396443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.438144922 CET4435639634.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.438241005 CET56396443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.438323021 CET4435639634.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.439043999 CET56396443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.440819025 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.445679903 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.537029982 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.539825916 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.544651985 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.590960979 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.634134054 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.675574064 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:55.179907084 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:55.187110901 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.093703985 CET56398443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.093813896 CET4435639834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.093900919 CET56399443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.093936920 CET4435639934.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094096899 CET56400443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094125032 CET4435640034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094149113 CET56401443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094192982 CET4435640134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094264984 CET56402443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094274998 CET4435640234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094472885 CET56403443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094484091 CET4435640334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094645977 CET56398443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094657898 CET56401443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094659090 CET56400443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094660997 CET56399443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094852924 CET56403443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094855070 CET56402443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094865084 CET56398443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.094885111 CET4435639834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095062971 CET56402443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095077038 CET4435640234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095144987 CET56401443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095171928 CET4435640134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095232964 CET56400443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095244884 CET4435640034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095324993 CET56399443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095339060 CET4435639934.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095402002 CET56403443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.095413923 CET4435640334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.555962086 CET4435639834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.556081057 CET56398443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.556375027 CET4435639934.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.556448936 CET56399443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.557529926 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.558922052 CET4435640334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.559626102 CET56398443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.559660912 CET4435639834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.559834957 CET56403443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.559998035 CET4435639834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.562140942 CET56399443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.562150955 CET4435639934.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.562407970 CET4435639934.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.562416077 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.564342976 CET56403443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.564357996 CET4435640334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.564564943 CET4435640334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.568207026 CET4435640034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.568789959 CET56398443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.568984032 CET56398443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.569067955 CET56403443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.569184065 CET56403443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.569255114 CET4435640334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.569297075 CET4435639834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.569587946 CET56404443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.569621086 CET4435640434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.569750071 CET56405443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.569819927 CET4435640534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.570023060 CET56399443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.570091009 CET56399443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.570275068 CET56403443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.570298910 CET56398443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.570336103 CET56404443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.570338011 CET56400443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.570485115 CET4435639934.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.570487976 CET56405443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.573036909 CET56400443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.573048115 CET4435640034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.573180914 CET56399443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.573383093 CET4435640034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.573688984 CET56405443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.573719025 CET4435640534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.573750019 CET56404443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.573762894 CET4435640434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.574997902 CET4435640134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.575371981 CET56401443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.577594042 CET56401443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.577600956 CET4435640134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.577927113 CET4435640134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.578406096 CET56400443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.578536034 CET56400443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.578708887 CET4435640034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.579674006 CET56400443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.580378056 CET56401443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.580471039 CET56401443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.580570936 CET4435640134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.580893993 CET56401443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.581779003 CET4435640234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.582139969 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.582573891 CET56402443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.584963083 CET56402443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.584968090 CET4435640234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.585720062 CET4435640234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.587126017 CET56402443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.587218046 CET56402443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.587256908 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.587321043 CET4435640234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.587373972 CET56402443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.635705948 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.640645027 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.676603079 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.689614058 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.694653988 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.720326900 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.784439087 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.836267948 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.038003922 CET4435640434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.038192987 CET56404443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.041413069 CET56404443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.041425943 CET4435640434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.041657925 CET4435640434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.044174910 CET56404443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.044270039 CET56404443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.044343948 CET4435640434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.044415951 CET56404443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.052505016 CET4435640534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.052629948 CET56405443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.055377007 CET56405443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.055416107 CET4435640534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.055717945 CET4435640534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.057653904 CET56405443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.057728052 CET56405443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.202874899 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.207758904 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.298321962 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.359066963 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.433295012 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.438283920 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.527795076 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.575186968 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:05.192712069 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:05.197560072 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:14.302114964 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:14.306909084 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:14.534028053 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:14.539066076 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:15.204824924 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:15.210949898 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:24.313760042 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:24.318720102 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:24.552097082 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:24.557013035 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:25.216582060 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:25.221489906 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.511220932 CET56407443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.511249065 CET4435640734.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.511318922 CET56407443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.512823105 CET56407443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.512837887 CET4435640734.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.975162029 CET4435640734.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.975338936 CET56407443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.980415106 CET56407443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.980436087 CET4435640734.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.980546951 CET56407443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.980638981 CET4435640734.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.981482029 CET56407443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.983599901 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.988351107 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:34.077991009 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:34.082526922 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:34.087344885 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:34.126632929 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:34.176558971 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:34.226958036 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:35.230109930 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:35.234927893 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:44.093465090 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:44.098472118 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:44.193629026 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:44.198534966 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:45.243675947 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:45.249758005 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:54.099606037 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:54.104501009 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:54.199919939 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:54.206142902 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:55.256227970 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:55.261172056 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:04.106278896 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:04.111228943 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:04.218226910 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:04.223155975 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:05.283668995 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:05.288625956 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:14.129991055 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:14.135066986 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:14.245908976 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:14.511157990 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:15.295857906 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:15.300936937 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:24.136759043 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:24.141908884 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:24.521697998 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:24.526549101 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:25.308247089 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:25.313210964 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:31.078201056 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:31.083611012 CET80499952.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:31.084433079 CET4999580192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:34.148205042 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:34.153613091 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:34.533293962 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:34.538975954 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:44.160548925 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:44.165538073 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:44.546184063 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:44.551254034 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.008371115 CET56409443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.008410931 CET4435640934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.008584976 CET56409443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.010781050 CET56409443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.010795116 CET4435640934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.173084974 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.178523064 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.465617895 CET4435640934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.465785980 CET56409443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.473474979 CET56409443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.473493099 CET4435640934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.473582983 CET56409443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.473711967 CET4435640934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.474049091 CET56409443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.477216005 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.482054949 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.558780909 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.563659906 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.572474003 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.577296019 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.582056046 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.621309042 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.671437025 CET804980334.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.721565008 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:41:04.587615013 CET4980480192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:41:04.592628956 CET804980434.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:41:04.687906027 CET4980380192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:41:04.692994118 CET804980334.107.221.82192.168.2.6

                                                                                                                                                                                                                                                                                                                                                    UDP Packets

                                                                                                                                                                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.400821924 CET5759853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.402029991 CET5979353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.408895016 CET53575981.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.409497023 CET53597931.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434345007 CET6049053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434669018 CET5305553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.435955048 CET5403553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.440876961 CET53604901.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.441471100 CET53530551.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.442789078 CET53540351.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.444308996 CET6044153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.448971987 CET5597253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.449335098 CET5219653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.452424049 CET53604411.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.456990957 CET53559721.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.457003117 CET53521961.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.713202953 CET5780553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.719959974 CET5915153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.719965935 CET53578051.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.721395016 CET5049453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.726644039 CET53591511.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.728157997 CET53504941.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.730882883 CET5769053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.732048988 CET6275753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.734119892 CET5503553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.737948895 CET53576901.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.738749981 CET53627571.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.741897106 CET53550351.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.742351055 CET5704453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.742655039 CET6299653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.749289989 CET53570441.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.749311924 CET53629961.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.010973930 CET6215953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.011539936 CET5988553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.017807007 CET53621591.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.018141985 CET53598851.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.465018988 CET5350553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.466655970 CET6266153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.473853111 CET53535051.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.475055933 CET53626611.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.483601093 CET5054753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.498718977 CET53505471.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.503341913 CET4994553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.513158083 CET53499451.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.576590061 CET6280853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.585680008 CET53628081.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.602545023 CET5033353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.612216949 CET53503331.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.661001921 CET5472353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.669730902 CET53547231.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.168899059 CET5389753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.176769972 CET53538971.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.241122007 CET6529153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.252243996 CET53652911.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.254106045 CET6401853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.263120890 CET53640181.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.888418913 CET5955953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.895899057 CET53595591.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.896960020 CET5753453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.904686928 CET53575341.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.905390978 CET6468653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.912265062 CET53646861.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.053488016 CET6180153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.060234070 CET53618011.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.071815968 CET5637653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.078985929 CET53563761.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.331482887 CET6466853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.338551044 CET53646681.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.340666056 CET6333053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.347759962 CET53633301.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.362492085 CET6517853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.369141102 CET53651781.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.089179993 CET5673953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.106501102 CET53567391.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.852947950 CET5984753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.859836102 CET53598471.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.885858059 CET5392253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.886257887 CET5269553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.886343956 CET5355453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET53539221.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895807028 CET53526951.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.896505117 CET5336953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.896538973 CET53535541.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.896605968 CET5011853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.897102118 CET5860553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906277895 CET53533691.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET53501181.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906857014 CET5458553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.907025099 CET5541753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.908091068 CET53586051.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.908489943 CET5991253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.917402029 CET53545851.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.917414904 CET53554171.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.918036938 CET53599121.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.918603897 CET5930553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.919167995 CET5307353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.927484989 CET53593051.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.928121090 CET5509753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.928241968 CET53530731.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.928807974 CET5283853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937463999 CET53528381.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937596083 CET53550971.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.939325094 CET5024453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.939774036 CET5409353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.947750092 CET53502441.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.948543072 CET53540931.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:31.902731895 CET5627853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.106960058 CET53562781.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.806139946 CET5193953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.813002110 CET53519391.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.937058926 CET5604453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.944164991 CET53560441.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.948527098 CET5441553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.951836109 CET6020453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.956340075 CET53544151.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.959636927 CET53602041.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.964845896 CET6405753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.969959974 CET5587553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.971656084 CET53640571.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.977957964 CET53558751.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.980360985 CET5731053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.987802029 CET53573101.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.977668047 CET5978753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.986493111 CET53597871.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.987116098 CET6124053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.997529030 CET53612401.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:35.945947886 CET53639961.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.418711901 CET53649861.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:38.421967983 CET53511041.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:40.644407988 CET5351363162.159.36.2192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:41.292570114 CET53627041.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.948683977 CET6549453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.955548048 CET53654941.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.958509922 CET5901953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.967248917 CET53590191.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.092782021 CET5384353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.099457979 CET53538431.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.582509041 CET5572853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.589701891 CET53557281.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.510190010 CET6268753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.517307997 CET53626871.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.518547058 CET6154353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.525227070 CET53615431.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:53.992122889 CET6349053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:53.999385118 CET53634901.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.000576019 CET6331253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.007369041 CET53633121.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.008199930 CET5836353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.015254021 CET53583631.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.478032112 CET6046753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.484755993 CET53604671.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.574148893 CET5948353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.581119061 CET53594831.1.1.1192.168.2.6

                                                                                                                                                                                                                                                                                                                                                    DNS Queries

                                                                                                                                                                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.400821924 CET192.168.2.61.1.1.10x9832Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.402029991 CET192.168.2.61.1.1.10x7df6Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434345007 CET192.168.2.61.1.1.10xf6b4Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.434669018 CET192.168.2.61.1.1.10xa54fStandard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.435955048 CET192.168.2.61.1.1.10x866cStandard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.444308996 CET192.168.2.61.1.1.10xe5cfStandard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.448971987 CET192.168.2.61.1.1.10x157cStandard query (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.449335098 CET192.168.2.61.1.1.10x418eStandard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.713202953 CET192.168.2.61.1.1.10x8d19Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.719959974 CET192.168.2.61.1.1.10x2477Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.721395016 CET192.168.2.61.1.1.10x30a0Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.730882883 CET192.168.2.61.1.1.10x7dabStandard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.732048988 CET192.168.2.61.1.1.10xe8afStandard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.734119892 CET192.168.2.61.1.1.10x2fb3Standard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.742351055 CET192.168.2.61.1.1.10x2a4dStandard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.742655039 CET192.168.2.61.1.1.10x1f6fStandard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.010973930 CET192.168.2.61.1.1.10x2187Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.011539936 CET192.168.2.61.1.1.10x1724Standard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.465018988 CET192.168.2.61.1.1.10x442cStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.466655970 CET192.168.2.61.1.1.10xf3e7Standard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.483601093 CET192.168.2.61.1.1.10x734eStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.503341913 CET192.168.2.61.1.1.10x6e1aStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.576590061 CET192.168.2.61.1.1.10xe961Standard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.602545023 CET192.168.2.61.1.1.10x71bfStandard query (0)shavar.prod.mozaws.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.661001921 CET192.168.2.61.1.1.10xfa80Standard query (0)shavar.prod.mozaws.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.168899059 CET192.168.2.61.1.1.10x1d23Standard query (0)support.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.241122007 CET192.168.2.61.1.1.10xce24Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.254106045 CET192.168.2.61.1.1.10x6534Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.888418913 CET192.168.2.61.1.1.10x466cStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.896960020 CET192.168.2.61.1.1.10x3d42Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.905390978 CET192.168.2.61.1.1.10x20c6Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.053488016 CET192.168.2.61.1.1.10xf1e7Standard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.071815968 CET192.168.2.61.1.1.10x4a7bStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.331482887 CET192.168.2.61.1.1.10x67e3Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.340666056 CET192.168.2.61.1.1.10x770cStandard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.362492085 CET192.168.2.61.1.1.10xad8cStandard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.089179993 CET192.168.2.61.1.1.10x7f6dStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.852947950 CET192.168.2.61.1.1.10xa1cbStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.885858059 CET192.168.2.61.1.1.10x76afStandard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.886257887 CET192.168.2.61.1.1.10x4dfaStandard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.886343956 CET192.168.2.61.1.1.10x8921Standard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.896505117 CET192.168.2.61.1.1.10x5f04Standard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.896605968 CET192.168.2.61.1.1.10x1bf0Standard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.897102118 CET192.168.2.61.1.1.10xfba0Standard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906857014 CET192.168.2.61.1.1.10x717dStandard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.907025099 CET192.168.2.61.1.1.10x61cStandard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.908489943 CET192.168.2.61.1.1.10xf6b6Standard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.918603897 CET192.168.2.61.1.1.10x4fbcStandard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.919167995 CET192.168.2.61.1.1.10xabc5Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.928121090 CET192.168.2.61.1.1.10x5060Standard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.928807974 CET192.168.2.61.1.1.10x7e7aStandard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.939325094 CET192.168.2.61.1.1.10xc6eaStandard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.939774036 CET192.168.2.61.1.1.10x65c0Standard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:31.902731895 CET192.168.2.61.1.1.10x382fStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.806139946 CET192.168.2.61.1.1.10x417cStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.937058926 CET192.168.2.61.1.1.10x9912Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.948527098 CET192.168.2.61.1.1.10x3582Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.951836109 CET192.168.2.61.1.1.10xc343Standard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.964845896 CET192.168.2.61.1.1.10xc106Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.969959974 CET192.168.2.61.1.1.10xc7deStandard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.980360985 CET192.168.2.61.1.1.10x30a7Standard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.977668047 CET192.168.2.61.1.1.10xa9aeStandard query (0)a19.dscg10.akamai.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.987116098 CET192.168.2.61.1.1.10xac0cStandard query (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.948683977 CET192.168.2.61.1.1.10x8bdStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.958509922 CET192.168.2.61.1.1.10x1ffStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.092782021 CET192.168.2.61.1.1.10x9310Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.582509041 CET192.168.2.61.1.1.10x741cStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.510190010 CET192.168.2.61.1.1.10x1db2Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.518547058 CET192.168.2.61.1.1.10x4270Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:53.992122889 CET192.168.2.61.1.1.10x6214Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.000576019 CET192.168.2.61.1.1.10x9c1cStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.008199930 CET192.168.2.61.1.1.10x68edStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.478032112 CET192.168.2.61.1.1.10xf755Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.574148893 CET192.168.2.61.1.1.10x49aaStandard query (0)example.orgA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                    DNS Answers

                                                                                                                                                                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:37:55.328696012 CET1.1.1.1192.168.2.60xbb94No error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:37:55.328696012 CET1.1.1.1192.168.2.60xbb94No error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.408327103 CET1.1.1.1192.168.2.60x2207No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.408895016 CET1.1.1.1192.168.2.60x9832No error (0)youtube.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.409497023 CET1.1.1.1192.168.2.60x7df6No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.409497023 CET1.1.1.1192.168.2.60x7df6No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.409497023 CET1.1.1.1192.168.2.60x7df6No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.440876961 CET1.1.1.1192.168.2.60xf6b4No error (0)youtube.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.441471100 CET1.1.1.1192.168.2.60xa54fNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.442789078 CET1.1.1.1192.168.2.60x866cNo error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.456990957 CET1.1.1.1192.168.2.60x157cNo error (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.457003117 CET1.1.1.1192.168.2.60x418eNo error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.719965935 CET1.1.1.1192.168.2.60x8d19No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.726644039 CET1.1.1.1192.168.2.60x2477No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.726644039 CET1.1.1.1192.168.2.60x2477No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.727736950 CET1.1.1.1192.168.2.60xdd3cNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.727736950 CET1.1.1.1192.168.2.60xdd3cNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.728157997 CET1.1.1.1192.168.2.60x30a0No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.738749981 CET1.1.1.1192.168.2.60xe8afNo error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.741897106 CET1.1.1.1192.168.2.60x2fb3No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.749311924 CET1.1.1.1192.168.2.60x1f6fNo error (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.017807007 CET1.1.1.1192.168.2.60x2187No error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.017807007 CET1.1.1.1192.168.2.60x2187No error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.017807007 CET1.1.1.1192.168.2.60x2187No error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.017807007 CET1.1.1.1192.168.2.60x2187No error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.018141985 CET1.1.1.1192.168.2.60x1724No error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.018141985 CET1.1.1.1192.168.2.60x1724No error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.473853111 CET1.1.1.1192.168.2.60x442cNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.473853111 CET1.1.1.1192.168.2.60x442cNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.473853111 CET1.1.1.1192.168.2.60x442cNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.475055933 CET1.1.1.1192.168.2.60xf3e7No error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.475055933 CET1.1.1.1192.168.2.60xf3e7No error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.475055933 CET1.1.1.1192.168.2.60xf3e7No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.498718977 CET1.1.1.1192.168.2.60x734eNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.513158083 CET1.1.1.1192.168.2.60x6e1aNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.585680008 CET1.1.1.1192.168.2.60xe961No error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.585680008 CET1.1.1.1192.168.2.60xe961No error (0)shavar.prod.mozaws.net34.209.7.244A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.585680008 CET1.1.1.1192.168.2.60xe961No error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.585680008 CET1.1.1.1192.168.2.60xe961No error (0)shavar.prod.mozaws.net52.24.11.115A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.612216949 CET1.1.1.1192.168.2.60x71bfNo error (0)shavar.prod.mozaws.net52.24.11.115A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.612216949 CET1.1.1.1192.168.2.60x71bfNo error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.612216949 CET1.1.1.1192.168.2.60x71bfNo error (0)shavar.prod.mozaws.net34.209.7.244A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.176769972 CET1.1.1.1192.168.2.60x1d23No error (0)support.mozilla.orgprod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.176769972 CET1.1.1.1192.168.2.60x1d23No error (0)prod.sumo.prod.webservices.mozgcp.netus-west1.prod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.176769972 CET1.1.1.1192.168.2.60x1d23No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:11.252243996 CET1.1.1.1192.168.2.60xce24No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.895899057 CET1.1.1.1192.168.2.60x466cNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.904686928 CET1.1.1.1192.168.2.60x3d42No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.037051916 CET1.1.1.1192.168.2.60xa83fNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.037051916 CET1.1.1.1192.168.2.60xa83fNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.052294970 CET1.1.1.1192.168.2.60x46e8No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.060234070 CET1.1.1.1192.168.2.60xf1e7No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.338551044 CET1.1.1.1192.168.2.60x67e3No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.338551044 CET1.1.1.1192.168.2.60x67e3No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.347759962 CET1.1.1.1192.168.2.60x770cNo error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.582786083 CET1.1.1.1192.168.2.60x1956No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com216.58.212.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.74.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com172.217.23.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895790100 CET1.1.1.1192.168.2.60x76afNo error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895807028 CET1.1.1.1192.168.2.60x4dfaNo error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.895807028 CET1.1.1.1192.168.2.60x4dfaNo error (0)star-mini.c10r.facebook.com157.240.252.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.896538973 CET1.1.1.1192.168.2.60x8921No error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.896538973 CET1.1.1.1192.168.2.60x8921No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906277895 CET1.1.1.1192.168.2.60x5f04No error (0)star-mini.c10r.facebook.com157.240.0.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.184.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.906291008 CET1.1.1.1192.168.2.60x1bf0No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.908091068 CET1.1.1.1192.168.2.60xfba0No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.917402029 CET1.1.1.1192.168.2.60x717dNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.917402029 CET1.1.1.1192.168.2.60x717dNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.917402029 CET1.1.1.1192.168.2.60x717dNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.917402029 CET1.1.1.1192.168.2.60x717dNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.917414904 CET1.1.1.1192.168.2.60x61cNo error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.918036938 CET1.1.1.1192.168.2.60xf6b6No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.927484989 CET1.1.1.1192.168.2.60x4fbcNo error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.927484989 CET1.1.1.1192.168.2.60x4fbcNo error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.927484989 CET1.1.1.1192.168.2.60x4fbcNo error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.927484989 CET1.1.1.1192.168.2.60x4fbcNo error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.927484989 CET1.1.1.1192.168.2.60x4fbcNo error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.928241968 CET1.1.1.1192.168.2.60xabc5No error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937463999 CET1.1.1.1192.168.2.60x7e7aNo error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937463999 CET1.1.1.1192.168.2.60x7e7aNo error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937463999 CET1.1.1.1192.168.2.60x7e7aNo error (0)twitter.com104.244.42.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937463999 CET1.1.1.1192.168.2.60x7e7aNo error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937596083 CET1.1.1.1192.168.2.60x5060No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937596083 CET1.1.1.1192.168.2.60x5060No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937596083 CET1.1.1.1192.168.2.60x5060No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.937596083 CET1.1.1.1192.168.2.60x5060No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.813002110 CET1.1.1.1192.168.2.60x417cNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.813002110 CET1.1.1.1192.168.2.60x417cNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.813002110 CET1.1.1.1192.168.2.60x417cNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.944164991 CET1.1.1.1192.168.2.60x9912No error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.944164991 CET1.1.1.1192.168.2.60x9912No error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.944164991 CET1.1.1.1192.168.2.60x9912No error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.944164991 CET1.1.1.1192.168.2.60x9912No error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.956340075 CET1.1.1.1192.168.2.60x3582No error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.956340075 CET1.1.1.1192.168.2.60x3582No error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.956340075 CET1.1.1.1192.168.2.60x3582No error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.956340075 CET1.1.1.1192.168.2.60x3582No error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.959636927 CET1.1.1.1192.168.2.60xc343No error (0)normandy.cdn.mozilla.netnormandy.tombstone.experimenter.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.959636927 CET1.1.1.1192.168.2.60xc343No error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.971656084 CET1.1.1.1192.168.2.60xc106No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.971656084 CET1.1.1.1192.168.2.60xc106No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.971656084 CET1.1.1.1192.168.2.60xc106No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.971656084 CET1.1.1.1192.168.2.60xc106No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.977957964 CET1.1.1.1192.168.2.60xc7deNo error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.976196051 CET1.1.1.1192.168.2.60xc84bNo error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.976196051 CET1.1.1.1192.168.2.60xc84bNo error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.976196051 CET1.1.1.1192.168.2.60xc84bNo error (0)a17.rackcdn.com.mdc.edgesuite.neta19.dscg10.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.976196051 CET1.1.1.1192.168.2.60xc84bNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.976196051 CET1.1.1.1192.168.2.60xc84bNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.986493111 CET1.1.1.1192.168.2.60xa9aeNo error (0)a19.dscg10.akamai.net2.18.121.73A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.986493111 CET1.1.1.1192.168.2.60xa9aeNo error (0)a19.dscg10.akamai.net2.18.121.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.997529030 CET1.1.1.1192.168.2.60xac0cNo error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.997529030 CET1.1.1.1192.168.2.60xac0cNo error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.955548048 CET1.1.1.1192.168.2.60x8bdNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.091476917 CET1.1.1.1192.168.2.60xddc3No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.589701891 CET1.1.1.1192.168.2.60x741cNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.589701891 CET1.1.1.1192.168.2.60x741cNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.589701891 CET1.1.1.1192.168.2.60x741cNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.517307997 CET1.1.1.1192.168.2.60x1db2No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:53.999385118 CET1.1.1.1192.168.2.60x6214No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.007369041 CET1.1.1.1192.168.2.60x9c1cNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.484755993 CET1.1.1.1192.168.2.60xf755No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.484755993 CET1.1.1.1192.168.2.60xf755No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.484755993 CET1.1.1.1192.168.2.60xf755No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.581119061 CET1.1.1.1192.168.2.60x49aaNo error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.581119061 CET1.1.1.1192.168.2.60x49aaNo error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.581119061 CET1.1.1.1192.168.2.60x49aaNo error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.581119061 CET1.1.1.1192.168.2.60x49aaNo error (0)example.org96.7.128.186A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                    HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                                                    • detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    • ciscobinary.openh264.org

                                                                                                                                                                                                                                                                                                                                                    HTTP Packets

                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    0192.168.2.64978034.107.221.82801588C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.441569090 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:05.898943901 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77179
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    1192.168.2.64980334.107.221.82801588C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.490535975 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.937423944 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31130
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.413687944 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.509063959 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31131
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.177277088 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:12.271668911 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31135
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.674344063 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.814629078 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31136
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.445777893 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.540180922 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31142
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.967375994 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.063034058 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31143
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.070611954 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.177362919 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31143
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:22.107443094 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:22.226680040 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31145
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.228169918 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.964973927 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.074069023 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31156
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.544547081 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.638652086 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31156
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.020207882 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.152426004 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31157
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.061985970 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.158538103 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31160
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:47.172091007 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.943142891 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.041229963 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31175
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.539825916 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.634134054 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31176
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.635705948 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.689614058 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.784439087 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31186
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.433295012 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.527795076 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31187
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:14.534028053 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:24.552097082 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:34.082526922 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:34.176558971 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31217
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:44.193629026 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:54.199919939 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:04.218226910 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:14.245908976 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:24.521697998 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.577296019 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.671437025 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 31297
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success


                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    2192.168.2.64980434.107.221.82801588C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.490619898 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:07.937768936 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77181
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.528742075 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:08.623410940 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77182
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.573976040 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.668514013 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77187
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.791110039 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:13.885484934 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77187
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.842088938 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.936649084 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77193
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:19.971967936 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:20.067820072 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77194
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:21.914448023 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:22.011790037 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77195
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.027602911 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.805257082 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:32.949273109 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77206
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.446199894 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.540564060 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77207
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.920572996 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.015775919 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77207
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:36.963989019 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:37.058625937 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77211
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:47.071748972 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.844364882 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:52.939404964 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77226
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.440819025 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:53.537029982 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77227
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.557529926 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.582139969 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:03.676603079 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77237
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.202874899 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:04.298321962 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77238
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:14.302114964 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:24.313760042 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:33.983599901 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:34.077991009 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77268
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:44.093465090 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:39:54.099606037 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:04.106278896 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:14.129991055 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:24.136759043 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.477216005 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:40:54.572474003 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 77348
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    3192.168.2.6499952.22.61.56801588C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:33.983076096 CET305OUTGET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: ciscobinary.openh264.org
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.681910038 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Last-Modified: Fri, 07 Feb 2025 06:55:57 GMT
                                                                                                                                                                                                                                                                                                                                                    ETag: 85430baed3398695717b0263807cf97c
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 453023
                                                                                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                    X-Timestamp: 1738911356.44453
                                                                                                                                                                                                                                                                                                                                                    Content-Type: application/zip
                                                                                                                                                                                                                                                                                                                                                    X-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public, max-age=245629
                                                                                                                                                                                                                                                                                                                                                    Expires: Tue, 18 Feb 2025 12:52:23 GMT
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Feb 2025 16:38:34 GMT
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`q'+h*m{zo_{w$($A!|LB&A2s{DdcUU9uSKl`/d-|&9wnxi#O+Yl+,33f\cSSS,NGGF'&:'KZ&>@gMM`*ZR^jgGKbo~va<Z1.#OeDXi$imBWQ&P,M,:c-\*-iKI4a6*Ov=WFCH>a'x#@fdu1OV1o}g5_3JHiZipM.bZ%GF/3qJo%gN*})3N%!q*^Im~6#~+AI]rx*<IYjp0`SM@Ef=;!@EE 0nJdduM-qIlRz=}rDXLZx$|c1cUkM&Qn]a]th*!6 7JdDvKJ"Wgd*%nwJniinmr@M$'Zs#)%
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.681962967 CET1236INData Raw: bd c1 52 73 bd a7 3a 09 68 e9 f5 eb 80 14 52 9c 01 ad ef 5c 1f 81 74 b2 36 16 12 27 91 67 cc 95 dc 09 0f a4 8b f3 f0 8f 55 6a 2b 46 bd 63 72 3a 7c 07 a7 21 9f 8a 4b e1 57 c6 59 13 b3 a0 31 37 a6 b8 aa ad b8 02 2c f5 8a b6 e2 72 f1 b1 8a e5 ad c5
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: Rs:hR\t6'gUj+Fcr:|!KWY17,r>N3RY_\IrDNJdM k&V-z%-Di&672T)>0%&;`Zc,)T;jI~yRr&=V4C|-h(*dIUkq9[d
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.682001114 CET448INData Raw: 76 05 c4 dc 61 8a ee 89 36 03 dd 1b 08 cd 40 d9 ea 04 bd 6e 44 fc 07 c7 c5 f9 37 23 49 13 20 6b 79 26 c2 ef b5 cf c4 f9 36 c0 ee 95 21 56 4f bf 34 ab 1d 51 ac fe f7 81 91 58 5d 54 d5 5a 44 59 dd bb 12 e9 2b 02 56 4f 8f 9f b8 ad c8 db ba c2 58 de
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: va6@nD7#I ky&6!VO4QX]TZDY+VOXrm!m%R4Re"*2Xohu}G9gVP8ghhlW4CUR7wv$Y`X%k|h``\"^w\>(y':@V6
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.683500051 CET1236INData Raw: 65 e2 0d ce 32 21 19 aa db 2d d7 98 d0 d6 7e 3b ca d6 1a a8 31 35 44 db da 9b c0 63 78 25 ec 31 3c a4 ce da e1 9a 60 76 3f 50 67 39 d5 2d 33 f9 3b a3 fc 87 b9 21 0f 42 0a 7b 10 2a 72 31 84 fc a6 4b 22 af ce f4 a7 46 a3 4a 8d 41 85 e3 2f c5 74 2b
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: e2!-~;15Dcx%1<`v?Pg9-3;!B{*r1K"FJA/t+j72~coyFG1lARYJoiwDJ+ujuDHYl(deTeIzG`TNjhb[NjHT$S.v*Rh(5;|3ph{v::
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.683536053 CET1236INData Raw: 7f b5 c6 f8 af a3 3f bd 4a fe eb 73 89 97 f6 df 2a 13 43 f4 c5 5a 8a 72 8e 77 c1 3a 1f dd fd 44 dd e9 b4 48 8c b5 02 56 b1 09 ab 0c 8d f3 4b 9d f2 23 12 67 7a 2a cf 29 2f 31 01 cd d9 52 38 38 29 cf b4 3a 15 97 c5 86 fb 02 67 3e 87 79 53 9e 67 6e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: ?Js*CZrw:DHVK#gz*)/1R88):g>ySgnX-P16E)XA!^8>9"Z[Q&%>+xFz^XCWr_-j&(CFSHy+IOJ}Oqc$FZz+a yj$j'8+e
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.683588982 CET448INData Raw: 62 59 a1 3a 30 da 1f c7 46 38 f7 c6 ae b7 e7 c5 9f 5d a8 36 5f d5 9d 87 6c ad 47 1b 46 c6 e7 3b 33 98 32 52 3c 2a 7c ff bd 41 4d 6d c3 e7 1d cc 76 b2 cb 49 da 24 b2 93 ee 1d dc b1 15 a7 08 df 1f 0f a0 b9 ab d2 f6 0e 3e 2d d7 34 b2 0c b5 d2 2c 92
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: bY:0F8]6_lGF;32R<*|AMmvI$>-4,*kx@<w LP#a=5;byI bIj+pB1\X*%]"^\no%S<ov|2z_gOg/n}{6{ED$Y'1ZHBF
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.684705019 CET1236INData Raw: 5d a9 21 56 d8 03 7a ff 68 27 e9 2b 01 43 fe 1e e8 be 9d f4 df af a4 af 13 dc ab df cd 66 6a 36 39 14 e3 bb 20 48 d9 0e 79 f5 bb 79 0e 79 ce bb b6 9c b3 95 1b e4 82 cd c8 cf 42 b6 60 1d f8 84 06 59 ff aa db f3 05 d1 49 f2 2a 83 54 a1 df cc b6 48
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: ]!Vzh'+Cfj69 HyyyB`YI*THl3*X)uugr#p<I0}UhQAg4o|B%[XG!\(r7KGfKWj4n&(\Lrb>/rsj|~j
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.684741974 CET1236INData Raw: 0e 58 3d bd ec 65 3b 48 7b e8 78 63 24 de 92 1d 7e be 44 d6 a9 15 9b d7 6d ab c2 5d 24 ae 6e 3d fc 6d e8 52 b2 92 dd db 75 a2 fc a2 0b f7 d0 f2 df 71 99 c9 52 3c d7 9b 78 ff 2c b4 b8 6a 9c cf f7 c4 1f 92 19 f2 5f 58 45 4e 02 55 af 5e a0 41 71 cd
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: X=e;H{xc$~Dm]$n=mRuqR<x,j_XENU^Aq+95d>wszk*nfoj{>#_D]}$gzm"b]{5>I? aT=t*_sPQFM{_>6!kF&9U5D
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.684777021 CET448INData Raw: 8e 80 f1 d6 7f 38 46 eb 3f 1c 23 ff 8f c5 d8 58 38 5e ff 5a c1 75 dc f3 45 f8 0e 91 4d 9e 26 d6 b0 8e 91 b8 7f 6f e3 dc b9 f8 7a 11 3a 17 65 de e0 6e 61 b5 ee 2c 6c 8a cc 0d 47 e8 dc f0 f5 04 cb 7d 84 8d e9 d1 3f 18 23 41 f5 49 58 9d e6 3d a2 a3
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: 8F?#X8^ZuEM&oz:ena,lG}?#AIX=)lWhn)U1o+dw~`#z=W,3&7`kG)EdnjT3sTF?/0'^kuQD=8d^[Q*WdHhP7
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.685621023 CET1236INData Raw: 99 ab a9 73 7e 10 21 b3 7f 3f 98 f2 0a 83 52 f4 85 bb f5 bc aa 6a d7 51 ff 65 c7 5c 50 b5 82 5a 91 f4 f0 81 9a 55 64 d0 ef fc ca 7e cc f3 73 23 7e 8c 48 1d 19 ee c5 3a 8d db 47 a8 2d e9 db 05 d9 82 0d 5c dd 12 50 df 82 cf b9 ba 47 f0 9a c5 d5 cd
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: s~!?RjQe\PZUd~s#~H:G-\PGk_H?ff)\{ZL$Ney?u2,qe|+WJx@W9h.k,s)]d{ q{;bl@,S/(^z1
                                                                                                                                                                                                                                                                                                                                                    Feb 15, 2025 17:38:34.686988115 CET1236INData Raw: 54 88 af 6b 46 21 96 c5 bc 17 f8 0b 33 f5 a2 5c 8c f3 a5 7a 0f eb 92 0f 50 32 86 fd 65 5b 30 c8 b2 e7 30 e0 fb 80 1a be 7d a4 46 35 7c d3 69 08 ed 2b a1 bc e9 40 0c 46 75 4f b0 5b 0d 12 e4 5d 29 77 a0 15 ab 42 4b 58 cd 29 e9 2f 53 ed 53 3b ff 20
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: TkF!3\zP2e[00}F5|i+@FuO[])wBKX)/SS; <NEfql]M.dRro7/tk>)0(k"?1!cY[D8w5U:1|hEfwS"'<^`c7


                                                                                                                                                                                                                                                                                                                                                    Statistics

                                                                                                                                                                                                                                                                                                                                                    CPU Usage

                                                                                                                                                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                                                                                                                                                    Memory Usage

                                                                                                                                                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                                                                                                                                                    High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                                    Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                                    Behavior

                                                                                                                                                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                                                                                                                                                    System Behavior

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:0
                                                                                                                                                                                                                                                                                                                                                    Start time:11:37:56
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Users\user\Desktop\random.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Users\user\Desktop\random.exe"
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x540000
                                                                                                                                                                                                                                                                                                                                                    File size:970'752 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:BCA58035430238FDE9990DF16040D699
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:2
                                                                                                                                                                                                                                                                                                                                                    Start time:11:37:57
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x980000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:3
                                                                                                                                                                                                                                                                                                                                                    Start time:11:37:57
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:4
                                                                                                                                                                                                                                                                                                                                                    Start time:11:37:59
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x980000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:5
                                                                                                                                                                                                                                                                                                                                                    Start time:11:37:59
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:6
                                                                                                                                                                                                                                                                                                                                                    Start time:11:37:59
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x980000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:7
                                                                                                                                                                                                                                                                                                                                                    Start time:11:37:59
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:8
                                                                                                                                                                                                                                                                                                                                                    Start time:11:37:59
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x980000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:9
                                                                                                                                                                                                                                                                                                                                                    Start time:11:37:59
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:10
                                                                                                                                                                                                                                                                                                                                                    Start time:11:38:00
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x980000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:11
                                                                                                                                                                                                                                                                                                                                                    Start time:11:38:00
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:12
                                                                                                                                                                                                                                                                                                                                                    Start time:11:38:00
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:13
                                                                                                                                                                                                                                                                                                                                                    Start time:11:38:00
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:14
                                                                                                                                                                                                                                                                                                                                                    Start time:11:38:00
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:16
                                                                                                                                                                                                                                                                                                                                                    Start time:11:38:01
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2220 -prefMapHandle 2212 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c9fbe32b-4c03-4d39-93db-854142882339} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee61071110 socket
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:18
                                                                                                                                                                                                                                                                                                                                                    Start time:11:38:03
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4116 -parentBuildID 20230927232528 -prefsHandle 3996 -prefMapHandle 4000 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {98ef1f0c-9b53-4068-86ae-42f53ec98957} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee71479110 rdd
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:20
                                                                                                                                                                                                                                                                                                                                                    Start time:11:38:11
                                                                                                                                                                                                                                                                                                                                                    Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4456 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 4472 -prefMapHandle 4564 -prefsLen 33076 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {127eaadf-f0b2-40e6-aa1b-0559c96af4d0} 1588 "\\.\pipe\gecko-crash-server-pipe.1588" 1ee79169d10 utility
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                                                                                    Disassembly

                                                                                                                                                                                                                                                                                                                                                    Reset < >