Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
random.exe

Overview

General Information

Sample name:random.exe
Analysis ID:1622958
MD5:e9a8537a4efba5386c2a5adf0355eb4b
SHA1:485d296515a96ef01972021da0571c5c03192b21
SHA256:e1cf2ba38614911db7f8a5f595b03697f76c79fe0de026f3571090db401b2c25
Tags:exeuser-skocherhan
Infos:

Detection

Credential Flusher
Score:76
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Credential Flusher
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Joe Sandbox ML detected suspicious sample
Connects to many different domains
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Drops PE files
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes

Classification

Process Tree

  • System is w10x64
  • random.exe (PID: 7064 cmdline: "C:\Users\user\Desktop\random.exe" MD5: E9A8537A4EFBA5386C2A5ADF0355EB4B)
    • taskkill.exe (PID: 2924 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 5244 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 2824 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 3964 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 5084 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 3340 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 1088 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 528 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 3176 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 4996 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 5052 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 6776 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 5688 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 3116 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2192 -parentBuildID 20230927232528 -prefsHandle 2100 -prefMapHandle 2092 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e4288b39-eeff-48cc-89be-fe64cc4e59d5} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 20fe9b6f310 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7488 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4112 -parentBuildID 20230927232528 -prefsHandle 1388 -prefMapHandle 4232 -prefsLen 26395 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {125b98cb-c08a-463f-845a-e5a5de2dd182} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 20ffaf6fe10 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 8032 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4972 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5020 -prefMapHandle 5016 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {adec35be-c7a7-4da3-a367-92b1400258f1} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 21003272b10 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: random.exe PID: 7064JoeSecurity_CredentialFlusherYara detected Credential FlusherJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: random.exeAvira: detected
    Multi AV Scanner detection for submitted file
    Source: random.exeReversingLabs: Detection: 31%
    Joe Sandbox ML detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.5% probability
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49716 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49721 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49750 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49766 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49767 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49899 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49900 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.129.91:443 -> 192.168.2.5:49901 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49910 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49909 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49908 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49912 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50021 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50022 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50024 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50023 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50025 version: TLS 1.2
    Source: Binary string: webauthn.pdb source: firefox.exe, 0000000E.00000003.2273725794.0000020FFD85F000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: wshbth.pdbGCTL source: firefox.exe, 0000000E.00000003.2279973321.0000020FF9CBD000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000E.00000003.2278363392.0000020FF9CC0000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdb source: firefox.exe, 0000000E.00000003.2279973321.0000020FF9CBD000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000E.00000003.2279087229.0000020FF9CB7000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000E.00000003.2278363392.0000020FF9CC0000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000E.00000003.2275824703.0000020FFD803000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000E.00000003.2273725794.0000020FFD85F000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdbUGP source: firefox.exe, 0000000E.00000003.2279087229.0000020FF9CB7000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000E.00000003.2275824703.0000020FFD803000.00000004.00000020.00020000.00000000.sdmp
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0057DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0054C2A2 FindFirstFileExW,0_2_0054C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005868EE FindFirstFileW,FindClose,0_2_005868EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0058698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0057D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0057D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00589642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00589642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0058979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00589B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00589B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00585C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00585C97
    Source: firefox.exeMemory has grown: Private usage: 33MB later: 200MB
    Source: unknownNetwork traffic detected: DNS query count 33
    Source: Joe Sandbox ViewIP Address: 2.22.61.56 2.22.61.56
    Source: Joe Sandbox ViewIP Address: 2.22.61.56 2.22.61.56
    Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
    Source: Joe Sandbox ViewIP Address: 151.101.129.91 151.101.129.91
    Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058CE44 InternetReadFile,SetEvent,GetLastError,SetEvent,0_2_0058CE44
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKLast-Modified: Fri, 07 Feb 2025 06:55:57 GMTETag: 85430baed3398695717b0263807cf97cContent-Length: 453023Accept-Ranges: bytesX-Timestamp: 1738911356.44453Content-Type: application/zipX-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1Cache-Control: public, max-age=163451Expires: Wed, 26 Feb 2025 15:16:39 GMTDate: Mon, 24 Feb 2025 17:52:28 GMTConnection: keep-aliveData Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 8e 6f 7e 76 61 a8 ac 9f b9 d9 3c 5a 97 c6 31 2e 23 c3 8c 4f a0 65 19 99 a3 19 c6 44 93 eb 58 fc 8b 69 1d c3 24 69 6d 42 57 c6 c3 51 26 be ba c1 04 b7 cb d9 50 a3 d0 e5 c2 bc 9a 2c 4d e4 98 2c a8 bd 3a 89 63 ac d1 cc 2d e5 98 0d 12 5c 9f e5 98 ce 1b e1 fa 2a c7 d4 01 8a ce 2d 69 cc 9c 4b 8c 49 f6 d6 34 86 61 a3 0a 36 18 99 2a dd c5 eb 4f 76 3d b6 d2 05 57 cb d3 46 b5 43 48 bb 3e b6 8e 99 61 ca 27 af 78 f4 11 d7 23 40 66 8d 8e c2 64 d6 c1 75 a5 31 a6 9e 0d fe 4f 56 ab 31 6f 7d 1b 09 84 0e 67 c2 35 90 16 5f cf 33 b9 4a ad 48 69 04 5a 99 69 70 4d e7 2e 84 b7 62 b9 5a 11 86 81 f9 25 dc 47 94 8b 46 aa f7 d8 d2 e5 15 0c e5 11 f2 8a d2 f2 f8 05 f5 0a 2f ce 89 ff 33 ff 71 9b d9 4a af c7 d0 f2 b6 f6 6f de 03 b3 25 f7 67 d9 4e d2 2a 91 7d 12 d9 29 c9 33 0d 4e 25 f1 21 b7 91 71 2a a9 0b e0 e2 eb b8 8b 81 b4 f1 5e 49 9e 6d 90 c8 7e 07 09 f8 36 dd 85 23 e9 7e 2b fb c1 87 17 85 41 d1 7f 12 49 5d 72 03 c7 e4 78 b4 e2 b9 2a 82 3c 49 59 6a c9 96 da ec cc 70 30 18 8c 60 53 ae 4d 40 14 45 f7 8f 66 ea 3d ae 3b 21 cf 40 1e b0 f8 be 0d 45 c4 bb 05 45 bb be a3 fa 9e ad 1b 20 e1 9b 9c 30 1a 6e da 03 12 f1 4a 64 c8 b7 1c 64 d2 7f fd d6 06 bc 75 4d ec 2d 94 71 49 c6 6c 52 8e 07 7a 9a 07 3d 7d a8 a5 72 83 44 e6 58 4c 5a a7 ac 92 f2 78 b6 24 97 04 7c 63 a1 31 d2 63 55 6b 4d e6 26 d6 51 6e 5d ac fe 61 5d 74 fd 68 fa a1 2a d4 b4 21 b9 36 20 37 80 e4 4a 64 af 44 76 4b 4a 22 57 67 64 2a 25 6e 99 07 d2 bf 77 ab e9 f6 4a 6e 69 fb 69 6e 6d 72 9b 40 4d 85 24 27 5a c7 73 8c 04 ec 18 23 29 25 Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1Host: ciscobinary.openh264.orgUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: firefox.exe, 0000000E.00000003.2350552788.0000020FF9760000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: -l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Wikipedia&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.reddit.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="R"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/reddit-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Reddit<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Reddit&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" href="https://twitter.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="T"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/twitter-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Twitter<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Twitter&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li></ul><div class="edit-topsites-wrapper"></div></div></section></div></div></div></div><style data-styles="[[null]]"></style></div><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div></div></div></div><style data-styles="[[null]]"></style></div></div></main></div></div> equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000003.2312896408.000002100418B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335475157.000002100418B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2335007836.00000210041DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312443133.00000210041DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.youtube.com/* equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2323796262.00000210032AF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2205126149.00000210033F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2314589157.00000210034E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2323796262.00000210032AF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2205126149.00000210033F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2312896408.000002100418B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2341755951.0000020FFBEED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2331386649.0000020FFBEED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2335007836.00000210041DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312443133.00000210041DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2357594991.0000021002F07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2357594991.0000021002F07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: featureUpdate:upgradeDialogmain/nimbus-desktop-experimentshttps://www.facebook.com/decodeImageFromArrayBufferhttps://www.leboncoin.fr/get sendAttributionRequestresource://search-extensions/#initFromManifest/iconList<@mozilla.org/binaryinputstream;1get searchUrlPublicSuffixiconLoadCallback: rescaling iconmain/nimbus-desktop-experimentshttps://www.wikipedia.org/#getExtensionDetailsForLocaleiconLoadCallback: load failedhttps://www.amazon.co.uk/images/aliexpress-com@2x.png_getEngineURLFromMetaDatacheckSearchUrlMatchesManifest1tog0cdkasggly29o8xqc6p37images/duckduckgo-com@2x.svgget isGeneralPurposeEngine has out-of-date manifest!@mozilla.org/image/tools;1https://www.aliexpress.com/ no longer has an engine definedOS_PARAM_OUTPUT_ENCODING_DEFloadPath missing from options._setIcon: Setting icon url forhttps://www.wikipedia.org/favicons/aliexpress-com.icofavicons/duckduckgo-com.icoget searchUrlQueryParamName__MSG_searchUrlGetParams__images/wikipedia-org@2x.pngDEFAULT_REPLACEMENT_CHARACTERgoogle@search.mozilla.orgOptionalPermissionNoPromptimages/leboncoin-fr@2x.pngmain/nimbus-desktop-experimentsWebExtensionLangpackManifestimages/facebook-com@2x.pngfavicons/wikipedia-org.icofavicons/leboncoin-fr.pngfavicons/facebook-com.icoimages/twitter-com@2x.pngWebExtensionDictionaryManifestOptionalPermissionOrOriginGeckoAndroidSpecificPropertiesimages/youtube-com@2x.pngFirefoxSpecificProperties__MSG_extensionDescription__ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2323796262.00000210032AF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2205126149.00000210033F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2314589157.00000210034E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2323796262.00000210032AF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2205126149.00000210033F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/L equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/L equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/L equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2363628943.0000020FFD142000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD142000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2363628943.0000020FFD142000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD142000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000003.2363628943.0000020FFD142000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD142000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 00000011.00000002.3975847863.000001A411F0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/&$ equals www.facebook.com (Facebook)
    Source: firefox.exe, 00000011.00000002.3975847863.000001A411F0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/&$ equals www.twitter.com (Twitter)
    Source: firefox.exe, 00000011.00000002.3975847863.000001A411F0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/&$ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2335956474.0000021004033000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: moz-extension://bfdd6cf3-6cd6-4fa2-bc72-2c3d2e7d20f8/injections/js/bug1842437-www.youtube.com-performance-now-precision.js equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2324737218.0000021002275000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312896408.000002100418B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335007836.00000210041DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312443133.00000210041DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2324737218.0000021002275000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364268156.000002100227C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com- equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2341755951.0000020FFBEED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2331386649.0000020FFBEED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
    Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
    Source: global trafficDNS traffic detected: DNS query: youtube.com
    Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: example.org
    Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
    Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
    Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: support.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: us-west1.prod.sumo.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: shavar.prod.mozaws.net
    Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: www.youtube.com
    Source: global trafficDNS traffic detected: DNS query: www.facebook.com
    Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
    Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
    Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
    Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
    Source: global trafficDNS traffic detected: DNS query: www.reddit.com
    Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
    Source: global trafficDNS traffic detected: DNS query: twitter.com
    Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: normandy.tombstone.experimenter.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: a19.dscg10.akamai.net
    Source: firefox.exe, 0000000E.00000003.2201041987.00000210034F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2337880980.000002100326D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201041987.00000210034E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219514011.000002100326E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362265477.000002100154C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201041987.00000210034EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201041987.00000210034FC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2338441516.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2355646727.0000021002FC6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.0/
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2338441516.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2355646727.0000021002FC6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2338441516.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2355646727.0000021002FC6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2338441516.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2355646727.0000021002FC6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268186359.0000020FFD8C0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268186359.0000020FFD8C0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%ss
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268186359.0000020FFD8C0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268186359.0000020FFD8C0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
    Source: firefox.exe, 0000000E.00000003.2312356452.00000210041F8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
    Source: firefox.exe, 0000000E.00000003.2369827892.0000020FFAF21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/
    Source: firefox.exe, 0000000E.00000003.2368664634.0000020FFB35C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2345056546.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2340779561.0000021001A76000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2369827892.0000020FFAF21000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2368000998.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
    Source: firefox.exe, 0000000E.00000003.2312356452.00000210041F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
    Source: firefox.exe, 0000000E.00000003.2312356452.00000210041F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-04/schema#
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-06/schema#
    Source: firefox.exe, 0000000E.00000003.2201230126.00000210034CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2200632343.0000021003DFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#-
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/
    Source: firefox.exe, 0000000E.00000003.2332943300.0000020FFB215000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2177517816.0000020FF93B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332824340.0000020FFB235000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277972474.0000020FFBC63000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2328041545.0000020FFD07C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277747377.0000020FF93B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201327953.0000020FFC59E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286921926.00000210017DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2300607236.0000020FFBCAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2330425195.0000020FFC177000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2273506615.0000020FF9695000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2273506615.0000020FF9673000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2246750811.0000020FFBCB1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2365987596.0000020FFC497000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364520744.0000020FFD016000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2300607236.0000020FFBCB1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2318010389.0000020FFB25B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201654691.0000020FFC490000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2179078908.0000020FF9399000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2343863679.0000020FFD121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363847582.0000020FFC59B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268186359.0000020FFD8C0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.digicert.com0C
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.digicert.com0N
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268186359.0000020FFD8C0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.thawte.com0
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sw
    Source: firefox.exe, 0000000E.00000003.2315517462.0000021001ABF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0.
    Source: firefox.exe, 0000000E.00000003.2315517462.0000021001ABF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0W
    Source: firefox.exe, 0000000E.00000003.2315517462.0000021001ABF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%sy
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%su
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://www.mozilla.com0
    Source: firefox.exe, 0000000E.00000003.2200632343.0000021003DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-updatex
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2338441516.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2355646727.0000021002FC6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2006/browser/search/
    Source: firefox.exe, 0000000E.00000003.2350085710.0000020FFA23F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2330029219.0000020FFC27F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC02A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2205682543.0000021003346000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2315517462.0000021001ADD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2345056546.0000020FFB34C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2330332280.0000020FFC22B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2350552788.0000020FF9754000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
    Source: firefox.exe, 00000011.00000003.2197239693.000001A412C3C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000003.2196099339.000001A412C3C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3980086287.000001A412C3C000.00000004.00000020.00020000.00000000.sdmp, mozilla-temp-41.14.drString found in binary or memory: http://www.videolan.org/x264.html
    Source: firefox.exe, 0000000E.00000003.2315517462.0000021001ABF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
    Source: firefox.exe, 0000000E.00000003.2315517462.0000021001ABF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002FC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://youtube.com/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
    Source: firefox.exe, 0000000E.00000003.2208048139.0000021001DF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://MD8.mozilla.org/1/m
    Source: firefox.exe, 0000000E.00000003.2169678579.0000020FF951E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170842237.0000020FF9582000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170527981.0000020FF953F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2169518663.0000020FF9300000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
    Source: firefox.exe, 0000000E.00000003.2343863679.0000020FFD121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.c
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
    Source: firefox.exe, 0000000E.00000003.2359579335.0000021001BCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
    Source: firefox.exe, 0000000E.00000003.2360496659.0000021001B5B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
    Source: firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2205316985.0000021003384000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000E.00000003.2205316985.0000021003384000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwderIdL
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2314589157.00000210034A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
    Source: firefox.exe, 0000000E.00000003.2324737218.0000021002275000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364268156.000002100227C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/enhancer-for-youtube/
    Source: firefox.exe, 0000000E.00000003.2324737218.0000021002275000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364268156.000002100227C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/
    Source: firefox.exe, 0000000E.00000003.2324737218.0000021002275000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364268156.000002100227C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/
    Source: firefox.exe, 0000000E.00000003.2324737218.0000021002275000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364268156.000002100227C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/to-google-translate/
    Source: firefox.exe, 0000000E.00000003.2324737218.0000021002275000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364268156.000002100227C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/wikipedia-context-menu-search/
    Source: firefox.exe, 0000000E.00000003.2352774024.00000210036E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2323359974.00000210036E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads-us.rd.linksynergy.com/as.php
    Source: firefox.exe, 0000000E.00000003.2345056546.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2368000998.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://allegro.pl/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000003.2358313228.00000210022E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 0000000E.00000003.2358313228.00000210022E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/a8bxj8j?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
    Source: firefox.exe, 0000000E.00000003.2359579335.0000021001BFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2340779561.0000021001A6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
    Source: firefox.exe, 0000000E.00000003.2343166863.0000021002237000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358535299.0000021002238000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2337880980.000002100326D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362265477.000002100154C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2325291118.0000021002235000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316029386.0000021001A57000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
    Source: firefox.exe, 00000010.00000002.3976752017.000002CE88EC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3979057416.000001BD3AF03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
    Source: firefox.exe, 00000010.00000002.3976752017.000002CE88EC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3979057416.000001BD3AF03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
    Source: firefox.exe, 0000000E.00000003.2358080935.0000021002EA4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
    Source: firefox.exe, 0000000E.00000003.2248147657.0000020FFBD79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266
    Source: firefox.exe, 0000000E.00000003.2248147657.0000020FFBD79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249560951.0000020FFBD96000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1193802
    Source: firefox.exe, 0000000E.00000003.2248147657.0000020FFBD79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248147657.0000020FFBD6E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
    Source: firefox.exe, 0000000E.00000003.2248147657.0000020FFBD6E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220
    Source: firefox.exe, 0000000E.00000003.2248147657.0000020FFBD79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
    Source: firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1539075
    Source: firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1584464
    Source: firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1607439
    Source: firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1616739
    Source: firefox.exe, 0000000E.00000003.2249297483.0000020FFBD89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248147657.0000020FFBD79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249560951.0000020FFBD96000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448
    Source: firefox.exe, 0000000E.00000003.2277972474.0000020FFBC63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1694699#c21
    Source: firefox.exe, 0000000E.00000003.2248147657.0000020FFBD79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=792480
    Source: firefox.exe, 0000000E.00000003.2248147657.0000020FFBD79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248147657.0000020FFBD6E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
    Source: firefox.exe, 0000000E.00000003.2248147657.0000020FFBD79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248147657.0000020FFBD6E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=840161
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
    Source: firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002F3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net
    Source: firefox.exe, 0000000E.00000003.2337880980.0000021003297000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000003.2357594991.0000021002F23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2356918497.0000021002FA9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2342542833.0000021002FA9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
    Source: firefox.exe, 00000010.00000002.3976752017.000002CE88EC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3979057416.000001BD3AF03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
    Source: firefox.exe, 00000010.00000002.3976752017.000002CE88EC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3979057416.000001BD3AF03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
    Source: firefox.exe, 0000000E.00000003.2316029386.0000021001A76000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2359579335.0000021001BCA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2360310931.0000021001BBF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2359579335.0000021001BCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2340779561.0000021001A76000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316029386.0000021001A57000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
    Source: firefox.exe, 0000000E.00000003.2186378353.0000021001C23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
    Source: firefox.exe, 0000000E.00000003.2336541702.0000021003FBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000E.00000003.2361455212.00000210016FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
    Source: firefox.exe, 0000000E.00000003.2361455212.00000210016FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureWebExtensionUncheckedLastErr
    Source: firefox.exe, 0000000E.00000003.2361455212.00000210016FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarning
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#EncryptionPreventDefaultFromP
    Source: firefox.exe, 0000000E.00000003.2302153284.00000210031AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
    Source: firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
    Source: firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
    Source: firefox.exe, 0000000E.00000003.2186378353.0000021001C23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
    Source: firefox.exe, 0000000E.00000003.2169678579.0000020FF951E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2300917897.0000020FFBC97000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2232927507.0000020FFB2F2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170842237.0000020FF9582000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2331386649.0000020FFBEE1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170527981.0000020FF953F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2169518663.0000020FF9300000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002FA9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?t=ffab&q=
    Source: firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/y
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%sz
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%szw
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/SelectOptionsLengthAssignmentW
    Source: firefox.exe, 00000012.00000002.3976537496.000001BD3AD13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000003.2195652014.0000021003109000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2195652014.0000021003111000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
    Source: firefox.exe, 0000000E.00000003.2348136369.0000020FFAFB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/performance/scroll-linked_effects.html
    Source: firefox.exe, 0000000E.00000003.2323359974.00000210036B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314341424.0000021003FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2336101755.0000021003FE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2313389013.0000021004162000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2323359974.00000210036BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
    Source: firefox.exe, 0000000E.00000003.2314589157.00000210034A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
    Source: firefox.exe, 00000012.00000002.3976537496.000001BD3AD13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321596404.0000020FFA38E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3976537496.000001BD3ADC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
    Source: firefox.exe, 0000000E.00000003.2365449565.0000020FFC4DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201654691.0000020FFC4D7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321596404.0000020FFA38E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3976537496.000001BD3ADC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
    Source: firefox.exe, 00000012.00000002.3976537496.000001BD3AD30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
    Source: firefox.exe, 0000000E.00000003.2351401433.00000210040D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
    Source: firefox.exe, 0000000E.00000003.2351401433.00000210040D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
    Source: firefox.exe, 0000000E.00000003.2351401433.00000210040D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
    Source: firefox.exe, 0000000E.00000003.2351401433.00000210040D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
    Source: firefox.exe, 0000000E.00000003.2351401433.00000210040D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
    Source: firefox.exe, 0000000E.00000003.2365449565.0000020FFC4DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201654691.0000020FFC4D7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321596404.0000020FFA38E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3976537496.000001BD3ADC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
    Source: firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
    Source: firefox.exe, 0000000E.00000003.2351401433.00000210040D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
    Source: firefox.exe, 0000000E.00000003.2360496659.0000021001B5B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321596404.0000020FFA38E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
    Source: firefox.exe, 0000000E.00000003.2365449565.0000020FFC4DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201654691.0000020FFC4D7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321596404.0000020FFA38E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3976537496.000001BD3ADC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
    Source: firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
    Source: firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
    Source: firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
    Source: firefox.exe, 0000000E.00000003.2186378353.0000021001C23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
    Source: firefox.exe, 0000000E.00000003.2286921926.00000210017DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293647152.00000210017DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
    Source: firefox.exe, 0000000E.00000003.2286921926.00000210017DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293647152.00000210017DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
    Source: firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
    Source: firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
    Source: firefox.exe, 0000000E.00000003.2169678579.0000020FF951E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170527981.0000020FF953F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2169518663.0000020FF9300000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
    Source: firefox.exe, 0000000E.00000003.2313655634.000002100406B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
    Source: firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/blob/master/css-grid-2/MASONRY-EXPLAINER.md
    Source: firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/4650
    Source: firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002FC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
    Source: firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
    Source: firefox.exe, 0000000E.00000003.2323086028.00000BEBAFC03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2256266806.0000020FFAE83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
    Source: firefox.exe, 0000000E.00000003.2324541541.0000021002E3B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2339291099.0000021002E41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
    Source: firefox.exe, 0000000E.00000003.2331897936.0000020FFBEA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2349145286.0000020FFBEA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2344929842.0000020FFBE63000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2347956411.0000020FFBE83000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
    Source: firefox.exe, 0000000E.00000003.2324541541.0000021002E3B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2339291099.0000021002E41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
    Source: firefox.exe, 0000000E.00000003.2324541541.0000021002E3B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2339291099.0000021002E41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
    Source: firefox.exe, 0000000E.00000003.2324541541.0000021002E3B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2339291099.0000021002E41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
    Source: firefox.exe, 0000000E.00000003.2324541541.0000021002E3B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2339291099.0000021002E41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
    Source: firefox.exe, 0000000E.00000003.2360496659.0000021001B76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
    Source: prefs-1.js.14.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
    Source: firefox.exe, 0000000E.00000003.2326755821.0000020FFE139000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
    Source: firefox.exe, 00000012.00000002.3976537496.000001BD3ADF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
    Source: firefox.exe, 0000000E.00000003.2368000998.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/events/1/6e89bfba-74c5-4b66-987b-cf527
    Source: firefox.exe, 0000000E.00000003.2336644967.0000021003F96000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2323359974.00000210036BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/metrics/1/702df2d0-e824-4dd6-9867-2357
    Source: firefox.exe, 0000000E.00000003.2323359974.00000210036BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/10f8e7ea-0f69-4ed0
    Source: firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
    Source: firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002F55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357453493.0000021002F55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema.
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema./
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/
    Source: firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/=
    Source: firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
    Source: firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
    Source: firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2343863679.0000020FFD121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
    Source: firefox.exe, 0000000E.00000003.2343863679.0000020FFD121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
    Source: firefox.exe, 0000000E.00000003.2313389013.0000021004154000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335714630.0000021004154000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%sv
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%st
    Source: firefox.exe, 00000012.00000002.3976537496.000001BD3AD8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
    Source: firefox.exe, 0000000E.00000003.2201230126.00000210034CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2200632343.0000021003DFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mozilla-hub.atlassian.net/browse/SDK-405
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ok.ru/
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%sx
    Source: firefox.exe, 0000000E.00000003.2201230126.00000210034CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2200632343.0000021003DFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://probeinfo.telemetry.mozilla.org/glean/repositories.
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
    Source: firefox.exe, 0000000E.00000003.2350552788.0000020FF977D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com/
    Source: firefox.exe, 0000000E.00000003.2350746165.0000020FF9748000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2323359974.00000210036F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2337880980.0000021003297000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
    Source: firefox.exe, 0000000E.00000003.2337880980.000002100326D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
    Source: firefox.exe, 0000000E.00000003.2362265477.000002100154C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
    Source: firefox.exe, 0000000E.00000003.2337880980.000002100326D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219514011.000002100326E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=AIzaSyC7jsptDS
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
    Source: firefox.exe, 0000000E.00000003.2205980530.0000021003271000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2337880980.000002100326D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=AIzaSy
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com
    Source: firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
    Source: firefox.exe, 0000000E.00000003.2302153284.00000210031AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
    Source: firefox.exe, 0000000E.00000003.2346193098.0000020FFB319000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2352726855.0000021003D69000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000E.00000003.2337880980.000002100325A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357594991.0000021002F0F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
    Source: firefox.exe, 0000000E.00000003.2316029386.0000021001A6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
    Source: firefox.exe, 00000012.00000002.3976537496.000001BD3AD13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
    Source: firefox.exe, 0000000E.00000003.2340779561.0000021001A76000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2350552788.0000020FF977D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
    Source: firefox.exe, 0000000E.00000003.2363628943.0000020FFD142000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD142000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2343863679.0000020FFD142000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411F86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3976537496.000001BD3ADF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
    Source: firefox.exe, 0000000E.00000003.2345056546.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2368000998.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
    Source: firefox.exe, 0000000E.00000003.2345056546.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2368000998.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
    Source: firefox.exe, 0000000E.00000003.2337417726.00000210034A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314589157.00000210034A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2205088535.00000210034A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2350203433.0000020FF97B1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2354066908.00000210034A1000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://support.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2314589157.00000210034A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
    Source: firefox.exe, 0000000E.00000003.2329558701.0000020FFC4E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2353757154.000002100362F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2365112389.0000020FFC4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201654691.0000020FFC4E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
    Source: firefox.exe, 0000000E.00000003.2347432457.0000020FFB0D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/firefox-relay-integration
    Source: firefox.exe, 0000000E.00000003.2316029386.0000021001A7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002EC0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2340779561.0000021001A7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2345056546.0000020FFB34C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2368664634.0000020FFB35C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314341424.0000021003FDC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2324099214.0000021002EC3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335956474.0000021004033000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2323359974.00000210036BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2323103645.0000021003FDC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2336339142.0000021003FDC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
    Source: firefox.exe, 0000000E.00000003.2314841804.0000021002EFC000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaPlatformDecoderNotFound
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaWMFNeeded
    Source: firefox.exe, 0000000E.00000003.2280796690.0000020FFC3B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291280054.0000020FFC3B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
    Source: firefox.exe, 0000000E.00000003.2369410617.0000020FFB07E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
    Source: places.sqlite-wal.14.drString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.
    Source: firefox.exe, 0000000E.00000003.2314841804.0000021002EFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL
    Source: firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
    Source: firefox.exe, 0000000E.00000003.2361455212.00000210016FB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2343356597.00000210016E0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
    Source: firefox.exe, 0000000E.00000003.2361455212.00000210016FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
    Source: firefox.exe, 0000000E.00000003.2350203433.0000020FF97B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com
    Source: firefox.exe, 0000000E.00000003.2205126149.00000210033F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357594991.0000021002F07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
    Source: firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
    Source: firefox.exe, 0000000E.00000003.2349426313.0000020FFACA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://watch.sling.com/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
    Source: firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
    Source: firefox.exe, 0000000E.00000003.2316029386.0000021001AAE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://weibo.com/
    Source: firefox.exe, 0000000E.00000003.2186378353.0000021001C23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208048139.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208048139.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.co.uk/
    Source: firefox.exe, 0000000E.00000003.2205126149.00000210033F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357594991.0000021002F07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
    Source: firefox.exe, 00000010.00000002.3976752017.000002CE88EC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3979057416.000001BD3AF03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002F23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2353852624.00000210034EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2232927507.0000020FFB2F2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170842237.0000020FF9582000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170527981.0000020FF953F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2337202230.00000210034E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2342057520.00000210034E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2169518663.0000020FF9300000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002F23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/?field-keywords=&ie=UTF-8&mode=blended&tag=mozill
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208048139.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.de/
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208048139.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.fr/
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.avito.ru/
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357594991.0000021002F07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.bbc.co.uk/
    Source: firefox.exe, 00000010.00000002.3976752017.000002CE88EC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3979057416.000001BD3AF03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
    Source: firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357594991.0000021002F07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ctrip.com/
    Source: firefox.exe, 0000000E.00000003.2268220013.0000020FFD8BB000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267964657.0000020FFD8B7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: https://www.digicert.com/CPS0
    Source: firefox.exe, 0000000E.00000003.2357594991.0000021002F07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.co.uk/
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208048139.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.de/
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002F23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357594991.0000021002F07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
    Source: firefox.exe, 0000000E.00000003.2340779561.0000021001A90000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316029386.0000021001A90000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2360770771.0000021001A90000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
    Source: firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
    Source: firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
    Source: firefox.exe, 0000000E.00000003.2205229198.00000210033EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2169518663.0000020FF9300000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
    Source: firefox.exe, 0000000E.00000003.2324737218.00000210022AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=
    Source: firefox.exe, 0000000E.00000003.2206397914.0000021002FA9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=P-
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ifeng.com/
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.leboncoin.fr/
    Source: firefox.exe, 0000000E.00000003.2346800561.0000020FFB1A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mobilesuica.com/
    Source: firefox.exe, 0000000E.00000003.2337417726.00000210034A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2206397914.0000021002F55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2356918497.0000021002FA0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314589157.00000210034A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2206397914.0000021002FA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2206397914.0000021002FA0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2205088535.00000210034A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2354066908.00000210034A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2356918497.0000021002F72000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2342542833.0000021002F6D000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2314589157.00000210034A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
    Source: firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
    Source: places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.
    Source: firefox.exe, 0000000E.00000003.2314841804.0000021002EFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.CDjelnmQJyZc
    Source: firefox.exe, 0000000E.00000003.2195652014.0000021003109000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2195652014.0000021003111000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
    Source: firefox.exe, 0000000E.00000003.2324737218.0000021002275000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364268156.000002100227C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/anything/?
    Source: places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.
    Source: firefox.exe, 0000000E.00000003.2314841804.0000021002EFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.b3lOZaxJcpF6
    Source: firefox.exe, 0000000E.00000003.2347432457.0000020FFB0D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/about/legal/terms/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2323086028.00000BEBAFC03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2354219827.00000210033C4000.00000004.00000800.00020000.00000000.sdmp, targeting.snapshot.json.tmp.14.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
    Source: firefox.exe, 0000000E.00000003.2337880980.00000210032A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219514011.00000210032A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2324099214.0000021002EFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002EFC000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
    Source: firefox.exe, 0000000E.00000003.2323086028.00000BEBAFC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Zy#
    Source: firefox.exe, 0000000E.00000003.2347432457.0000020FFB0D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2314841804.0000021002EFC000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
    Source: firefox.exe, 0000000E.00000003.2324737218.00000210022E0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358313228.00000210022E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-mod
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
    Source: firefox.exe, 0000000E.00000003.2337880980.00000210032A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219514011.00000210032A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2324099214.0000021002EFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002EFC000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
    Source: firefox.exe, 00000012.00000002.3976537496.000001BD3ADF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
    Source: firefox.exe, 0000000E.00000003.2351401433.00000210040D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-content
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
    Source: firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
    Source: firefox.exe, 0000000E.00000003.2324099214.0000021002EFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002EFC000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
    Source: firefox.exe, 0000000E.00000003.2343863679.0000020FFD121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316029386.0000021001AAE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208048139.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.olx.pl/
    Source: firefox.exe, 0000000E.00000003.2205126149.00000210033F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
    Source: firefox.exe, 0000000E.00000003.2349426313.0000020FFACA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.sling.com/
    Source: firefox.exe, 0000000E.00000003.2312896408.000002100416B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313655634.000002100404B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
    Source: firefox.exe, 0000000E.00000003.2339570987.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208048139.0000021001DD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
    Source: firefox.exe, 00000011.00000002.3975847863.000001A411F0A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3976537496.000001BD3AD0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: firefox.exe, 0000000E.00000003.2316029386.0000021001AAE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.zhihu.com/
    Source: firefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
    Source: firefox.exe, 0000000E.00000003.2326854169.0000020FFD15B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208755876.0000020FFC0B3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2341066210.00000210019AE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com
    Source: firefox.exe, 0000000E.00000003.2369827892.0000020FFAF21000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2330935415.0000020FFC141000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/
    Source: recovery.jsonlz4.tmp.14.drString found in binary or memory: https://youtube.com/account?=
    Source: firefox.exe, 00000012.00000002.3975923553.000001BD3AA80000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.co
    Source: firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2330935415.0000020FFC141000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3975287496.000002CE88A80000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3978601855.000002CE88F74000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3975287496.000002CE88A8A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3974686670.000001A411C2A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3974686670.000001A411C20000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3978166748.000001A4120F4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3975923553.000001BD3AA84000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3974769401.000001BD3A93A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3974769401.000001BD3A930000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000C.00000002.2153853918.0000023FDC72A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2165766694.0000017914C31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd--no-default-browser
    Source: firefox.exe, 00000010.00000002.3975287496.000002CE88A80000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3978601855.000002CE88F74000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3974686670.000001A411C20000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3978166748.000001A4120F4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3975923553.000001BD3AA84000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3974769401.000001BD3A930000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_RE
    Source: random.exe, 00000000.00000003.2192727370.000000000103C000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2192176317.0000000001039000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000002.2199023230.000000000103C000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2193828818.000000000103C000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2192927031.000000000103C000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2190091199.0000000001028000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2193707338.000000000103C000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2192521064.000000000103C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdv
    Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
    Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
    Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
    Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
    Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
    Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
    Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
    Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
    Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50019 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
    Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
    Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
    Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
    Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
    Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
    Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49902
    Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49716 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49721 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49750 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49766 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49767 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49899 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49900 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.129.91:443 -> 192.168.2.5:49901 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49910 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49909 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49908 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49912 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50021 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50022 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50024 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50023 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50025 version: TLS 1.2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0058EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058ED6A OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,0_2_0058ED6A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0058EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057AA57 GetKeyboardState,SetKeyboardState,PostMessageW,SendInput,0_2_0057AA57
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A9576 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,0_2_005A9576

    System Summary

    barindex
    Binary is likely a compiled AutoIt script file
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.
    Source: random.exe, 00000000.00000000.2112501264.00000000005D2000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_07aa77e9-2
    Source: random.exe, 00000000.00000000.2112501264.00000000005D2000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_525a5120-9
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.memstr_45a15317-d
    Source: random.exeString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_6a1799ae-a
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_000001A4124D6977 NtQuerySystemInformation,17_2_000001A4124D6977
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_000001A4125066B2 NtQuerySystemInformation,17_2_000001A4125066B2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057D5EB: CreateFileW,DeviceIoControl,CloseHandle,0_2_0057D5EB
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00571201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00571201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057E8F6 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,0_2_0057E8F6
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051BF400_2_0051BF40
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005820460_2_00582046
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005180600_2_00518060
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005782980_2_00578298
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0054E4FF0_2_0054E4FF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0054676B0_2_0054676B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A48730_2_005A4873
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051CAF00_2_0051CAF0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0053CAA00_2_0053CAA0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052CC390_2_0052CC39
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00546DD90_2_00546DD9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052B1190_2_0052B119
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005191C00_2_005191C0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005313940_2_00531394
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005317060_2_00531706
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0053781B0_2_0053781B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052997D0_2_0052997D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005179200_2_00517920
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005319B00_2_005319B0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00537A4A0_2_00537A4A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00531C770_2_00531C77
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00537CA70_2_00537CA7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0059BE440_2_0059BE44
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00549EEE0_2_00549EEE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00531F320_2_00531F32
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_000001A4124D697717_2_000001A4124D6977
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_000001A4125066B217_2_000001A4125066B2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_000001A412506DDC17_2_000001A412506DDC
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_000001A4125066F217_2_000001A4125066F2
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 0052F9F2 appears 40 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00530A30 appears 46 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00519CB3 appears 31 times
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: classification engineClassification label: mal76.troj.evad.winEXE@34/41@73/14
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005837B5 GetLastError,FormatMessageW,0_2_005837B5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005710BF AdjustTokenPrivileges,CloseHandle,0_2_005710BF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005716C3 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,0_2_005716C3
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005851CD SetErrorMode,GetDiskFreeSpaceExW,SetErrorMode,0_2_005851CD
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057D4DC CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,0_2_0057D4DC
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058648E _wcslen,CoInitialize,CoCreateInstance,CoUninitialize,0_2_0058648E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005142A2 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,0_2_005142A2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246Jump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4996:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3964:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:528:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5244:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3340:120:WilError_03
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
    Source: random.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
    Source: C:\Users\user\Desktop\random.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358230584.0000021002E8E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
    Source: firefox.exe, 0000000E.00000003.2205316985.00000210033BB000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE moz_icons ( id INTEGER PRIMARY KEY, icon_url TEXT NOT NULL, fixed_icon_url_hash INTEGER NOT NULL, width INTEGER NOT NULL DEFAULT 0, root INTEGER NOT NULL DEFAULT 0, color INTEGER, expire_ms INTEGER NOT NULL DEFAULT 0, data BLOB )@;
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358230584.0000021002E8E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358230584.0000021002E8E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358230584.0000021002E8E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
    Source: firefox.exe, 0000000E.00000003.2323359974.00000210036BA000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358230584.0000021002E8E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358230584.0000021002E8E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358230584.0000021002E8E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358230584.0000021002E8E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
    Source: firefox.exe, 0000000E.00000003.2324397539.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2358230584.0000021002E8E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
    Source: random.exeReversingLabs: Detection: 31%
    Source: unknownProcess created: C:\Users\user\Desktop\random.exe "C:\Users\user\Desktop\random.exe"
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2192 -parentBuildID 20230927232528 -prefsHandle 2100 -prefMapHandle 2092 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e4288b39-eeff-48cc-89be-fe64cc4e59d5} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 20fe9b6f310 socket
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4112 -parentBuildID 20230927232528 -prefsHandle 1388 -prefMapHandle 4232 -prefsLen 26395 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {125b98cb-c08a-463f-845a-e5a5de2dd182} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 20ffaf6fe10 rdd
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4972 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5020 -prefMapHandle 5016 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {adec35be-c7a7-4da3-a367-92b1400258f1} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 21003272b10 utility
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2192 -parentBuildID 20230927232528 -prefsHandle 2100 -prefMapHandle 2092 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e4288b39-eeff-48cc-89be-fe64cc4e59d5} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 20fe9b6f310 socketJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4112 -parentBuildID 20230927232528 -prefsHandle 1388 -prefMapHandle 4232 -prefsLen 26395 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {125b98cb-c08a-463f-845a-e5a5de2dd182} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 20ffaf6fe10 rddJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4972 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5020 -prefMapHandle 5016 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {adec35be-c7a7-4da3-a367-92b1400258f1} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 21003272b10 utilityJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wsock32.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: version.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wininet.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: Binary string: webauthn.pdb source: firefox.exe, 0000000E.00000003.2273725794.0000020FFD85F000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: wshbth.pdbGCTL source: firefox.exe, 0000000E.00000003.2279973321.0000020FF9CBD000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000E.00000003.2278363392.0000020FF9CC0000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdb source: firefox.exe, 0000000E.00000003.2279973321.0000020FF9CBD000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000E.00000003.2279087229.0000020FF9CB7000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000E.00000003.2278363392.0000020FF9CC0000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000E.00000003.2275824703.0000020FFD803000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000E.00000003.2273725794.0000020FFD85F000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdbUGP source: firefox.exe, 0000000E.00000003.2279087229.0000020FF9CB7000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000E.00000003.2275824703.0000020FFD803000.00000004.00000020.00020000.00000000.sdmp
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005142DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005142DE
    Source: gmpopenh264.dll.tmp.14.drStatic PE information: section name: .rodata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00530A76 push ecx; ret 0_2_00530A89
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpJump to dropped file
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)Jump to dropped file
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052F98E GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,0_2_0052F98E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A1C41 IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,0_2_005A1C41
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

    Malware Analysis System Evasion

    barindex
    Found API chain indicative of sandbox detection
    Source: C:\Users\user\Desktop\random.exeSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_0-95859
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_000001A4124D6977 rdtsc 17_2_000001A4124D6977
    Source: C:\Users\user\Desktop\random.exeAPI coverage: 3.8 %
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0057DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0054C2A2 FindFirstFileExW,0_2_0054C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005868EE FindFirstFileW,FindClose,0_2_005868EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0058698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0057D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0057D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00589642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00589642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0058979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00589B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00589B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00585C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00585C97
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005142DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005142DE
    Source: firefox.exe, 00000010.00000002.3979690619.000002CE89440000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllY
    Source: random.exe, 00000000.00000003.2195008927.0000000000F4C000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2196246735.0000000000F5F000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2195553343.0000000000F51000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000002.2198672048.0000000000F66000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWp
    Source: firefox.exe, 00000012.00000002.3978885603.000001BD3AE00000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWR
    Source: random.exe, 00000000.00000003.2184453970.0000000000F85000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2196024057.0000000000F87000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2119149903.0000000000F85000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3975287496.000002CE88A8A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3974686670.000001A411C2A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3979172549.000001A412580000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: firefox.exe, 00000010.00000002.3978889055.000002CE89015000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
    Source: firefox.exe, 00000011.00000002.3979172549.000001A412580000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll^_/
    Source: firefox.exe, 00000010.00000002.3975287496.000002CE88A8A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`
    Source: firefox.exe, 00000012.00000002.3974769401.000001BD3A93A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`$
    Source: firefox.exe, 00000010.00000002.3979690619.000002CE89440000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3979172549.000001A412580000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: C:\Users\user\Desktop\random.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_000001A4124D6977 rdtsc 17_2_000001A4124D6977
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0058EAA2 BlockInput,0_2_0058EAA2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00542622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00542622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005142DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005142DE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00534CE8 mov eax, dword ptr fs:[00000030h]0_2_00534CE8
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00570B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00570B62
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00542622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00542622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0053083F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_0053083F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005309D5 SetUnhandledExceptionFilter,0_2_005309D5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00530C21 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00530C21
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00571201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00571201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00552BA5 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,0_2_00552BA5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0057B226 SendInput,keybd_event,0_2_0057B226
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005922DA GetForegroundWindow,GetDesktopWindow,GetWindowRect,mouse_event,GetCursorPos,mouse_event,0_2_005922DA
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00570B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00570B62
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00571663 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,0_2_00571663
    Source: random.exeBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
    Source: random.exeBinary or memory string: Shell_TrayWnd
    Source: firefox.exe, 0000000E.00000003.2266109191.0000020FFD803000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: hSoftware\Policies\Microsoft\Windows\PersonalizationNoChangingStartMenuBackgroundPersonalColors_BackgroundWilStaging_02RtlDisownModuleHeapAllocationRtlQueryFeatureConfigurationRtlRegisterFeatureConfigurationChangeNotificationRtlSubscribeWnfStateChangeNotificationRtlDllShutdownInProgressntdll.dllNtQueryWnfStateDataLocal\SM0:%d:%d:%hs_p0Local\SessionImmersiveColorPreferenceBEGINTHMthmfile\Sessions\%d\Windows\ThemeSectionMessageWindowendthemewndThemeApiConnectionRequest\ThemeApiPortwinsta0SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\PersonalizeAppsUseLightThemeSystemUsesLightThemedefaultshell\themes\uxtheme\render.cppCompositedWindow::WindowdeletedrcacheMDIClientSoftware\Microsoft\Windows\DWMColorPrevalenceSoftware\Microsoft\Windows\CurrentVersion\ImmersiveShellTabletModeMENUAccentColorSoftware\Microsoft\Windows\CurrentVersion\Explorer\AccentDefaultStartColorControl Panel\DesktopAutoColorizationAccentColorMenuStartColorMenuAutoColorSoftware\Microsoft\Windows\CurrentVersion\Themes\History\ColorsSoftware\Microsoft\Windows\CurrentVersion\Themes\HistoryAccentPaletteTab$Shell_TrayWndLocal\SessionImmersiveColorMutex
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00530698 cpuid 0_2_00530698
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0056D21C GetLocalTime,0_2_0056D21C
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0056D27A GetUserNameW,0_2_0056D27A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0054B952 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_0054B952
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005142DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005142DE

    Stealing of Sensitive Information

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 7064, type: MEMORYSTR
    Source: random.exeBinary or memory string: WIN_81
    Source: random.exeBinary or memory string: WIN_XP
    Source: random.exeBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
    Source: random.exeBinary or memory string: WIN_XPe
    Source: random.exeBinary or memory string: WIN_VISTA
    Source: random.exeBinary or memory string: WIN_7
    Source: random.exeBinary or memory string: WIN_8

    Remote Access Functionality

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 7064, type: MEMORYSTR
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00591204 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,0_2_00591204
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00591806 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,0_2_00591806

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire Infrastructure2
    Valid Accounts    		1
    Windows Management Instrumentation    		1
    DLL Side-Loading    		1
    Exploitation for Privilege Escalation    		2
    Disable or Modify Tools    		21
    Input Capture    		2
    System Time Discovery    		Remote Services1
    Archive Collected Data    		3
    Ingress Tool Transfer    		Exfiltration Over Other Network Medium1
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts1
    Native API    		2
    Valid Accounts    		1
    DLL Side-Loading    		1
    Deobfuscate/Decode Files or Information    		LSASS Memory1
    Account Discovery    		Remote Desktop Protocol21
    Input Capture    		12
    Encrypted Channel    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
    Extra Window Memory Injection    		2
    Obfuscated Files or Information    		Security Account Manager2
    File and Directory Discovery    		SMB/Windows Admin Shares3
    Clipboard Data    		3
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
    Valid Accounts    		1
    DLL Side-Loading    		NTDS16
    System Information Discovery    		Distributed Component Object ModelInput Capture4
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script21
    Access Token Manipulation    		1
    Extra Window Memory Injection    		LSA Secrets131
    Security Software Discovery    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts2
    Process Injection    		1
    Masquerading    		Cached Domain Credentials1
    Virtualization/Sandbox Evasion    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items2
    Valid Accounts    		DCSync3
    Process Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
    Virtualization/Sandbox Evasion    		Proc Filesystem1
    Application Window Discovery    		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
    Access Token Manipulation    		/etc/passwd and /etc/shadow1
    System Owner/User Discovery    		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
    IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron2
    Process Injection    		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1622958 Sample: random.exe Startdate: 24/02/2025 Architecture: WINDOWS Score: 76 45 youtube.com 2->45 47 youtube-ui.l.google.com 2->47 49 38 other IPs or domains 2->49 57 Antivirus / Scanner detection for submitted sample 2->57 59 Multi AV Scanner detection for submitted file 2->59 61 Yara detected Credential Flusher 2->61 63 2 other signatures 2->63 8 random.exe 2->8         started        11 firefox.exe 1 2->11         started        signatures3 process4 signatures5 65 Binary is likely a compiled AutoIt script file 8->65 67 Found API chain indicative of sandbox detection 8->67 13 taskkill.exe 1 8->13         started        15 taskkill.exe 1 8->15         started        17 taskkill.exe 1 8->17         started        23 3 other processes 8->23 19 firefox.exe 3 217 11->19         started        process6 dnsIp7 25 conhost.exe 13->25         started        27 conhost.exe 15->27         started        29 conhost.exe 17->29         started        51 youtube.com 172.217.16.206, 443, 49711, 49712 GOOGLEUS United States 19->51 53 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49713, 49718, 49722 GOOGLEUS United States 19->53 55 12 other IPs or domains 19->55 41 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32+ 19->41 dropped 43 C:\Users\user\...\gmpopenh264.dll (copy), PE32+ 19->43 dropped 31 firefox.exe 1 19->31         started        33 firefox.exe 1 19->33         started        35 firefox.exe 1 19->35         started        37 conhost.exe 23->37         started        39 conhost.exe 23->39         started        file8 process9

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    random.exe32%ReversingLabsWin32.Ransomware.Generic
    random.exe100%AviraTR/ATRAPS.Gen

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%VirustotalBrowse
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%VirustotalBrowse

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    No Antivirus matches

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    example.org
    		23.215.0.133
    		truefalse
      		high
      star-mini.c10r.facebook.com
      		157.240.253.35
      		truefalse
        		high
        prod.classify-client.prod.webservices.mozgcp.net
        		35.190.72.216
        		truefalse
          		high
          prod.balrog.prod.cloudops.mozgcp.net
          		35.244.181.201
          		truefalse
            		high
            twitter.com
            		104.244.42.193
            		truefalse
              		high
              prod.detectportal.prod.cloudops.mozgcp.net
              		34.107.221.82
              		truefalse
                		high
                shavar.prod.mozaws.net
                		44.231.111.180
                		truefalse
                  		high
                  services.addons.mozilla.org
                  		151.101.129.91
                  		truefalse
                    		high
                    dyna.wikimedia.org
                    		185.15.59.224
                    		truefalse
                      		high
                      prod.remote-settings.prod.webservices.mozgcp.net
                      		34.149.100.209
                      		truefalse
                        		high
                        contile.services.mozilla.com
                        		34.117.188.166
                        		truefalse
                          		high
                          youtube.com
                          		172.217.16.206
                          		truefalse
                            		high
                            prod.content-signature-chains.prod.webservices.mozgcp.net
                            		34.160.144.191
                            		truefalse
                              		high
                              a19.dscg10.akamai.net
                              		2.22.61.56
                              		truefalse
                                		high
                                youtube-ui.l.google.com
                                		216.58.206.46
                                		truefalse
                                  		high
                                  us-west1.prod.sumo.prod.webservices.mozgcp.net
                                  		34.149.128.2
                                  		truefalse
                                    		high
                                    reddit.map.fastly.net
                                    		151.101.193.140
                                    		truefalse
                                      		high
                                      ipv4only.arpa
                                      		192.0.0.171
                                      		truefalse
                                        		high
                                        prod.ads.prod.webservices.mozgcp.net
                                        		34.117.188.166
                                        		truefalse
                                          		high
                                          push.services.mozilla.com
                                          		34.107.243.93
                                          		truefalse
                                            		high
                                            normandy.tombstone.experimenter.prod.webservices.mozgcp.net
                                            		34.49.51.44
                                            		truefalse
                                              		high
                                              telemetry-incoming.r53-2.services.mozilla.com
                                              		34.120.208.123
                                              		truefalse
                                                		high
                                                www.reddit.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  spocs.getpocket.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    content-signature-2.cdn.mozilla.net
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      support.mozilla.org
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        firefox.settings.services.mozilla.com
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          www.youtube.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            www.facebook.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              detectportal.firefox.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                normandy.cdn.mozilla.net
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  shavar.services.mozilla.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    www.wikipedia.org
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                        		high
                                                                        https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 0000000E.00000003.2365449565.0000020FFC4DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201654691.0000020FFC4D7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321596404.0000020FFA38E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3976537496.000001BD3ADC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          http://detectportal.firefox.com/firefox.exe, 0000000E.00000003.2369827892.0000020FFAF21000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                              		high
                                                                              https://datastudio.google.com/embed/reporting/firefox.exe, 0000000E.00000003.2336541702.0000021003FBD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                http://www.mozilla.com0gmpopenh264.dll.tmp.14.drfalse
                                                                                  		high
                                                                                  https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecyclfirefox.exe, 0000000E.00000003.2186378353.0000021001C23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.firefox.exe, 00000010.00000002.3976752017.000002CE88EC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3979057416.000001BD3AF03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drfalse
                                                                                      		high
                                                                                      https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 00000012.00000002.3976537496.000001BD3AD8F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://json-schema.org/draft/2019-09/schema.firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://www.leboncoin.fr/firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://spocs.getpocket.com/spocsfirefox.exe, 0000000E.00000003.2340779561.0000021001A76000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2350552788.0000020FF977D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://www.amazon.com/exec/obidos/external-search/?field-keywords=&ie=UTF-8&mode=blended&tag=mozillfirefox.exe, 0000000E.00000003.2206397914.0000021002F23000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://screenshots.firefox.comfirefox.exe, 0000000E.00000003.2350203433.0000020FF97B1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://shavar.services.mozilla.comfirefox.exe, 0000000E.00000003.2346193098.0000020FFB319000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://completion.amazon.com/search/complete?q=firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000000E.00000003.2345056546.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2368000998.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000000E.00000003.2324541541.0000021002E3B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314841804.0000021002E41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2339291099.0000021002E41000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://monitor.firefox.com/breach-details/firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://github.com/w3c/csswg-drafts/issues/4650firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000000E.00000003.2206397914.0000021002F23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2353852624.00000210034EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2232927507.0000020FFB2F2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170842237.0000020FF9582000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170527981.0000020FF953F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2337202230.00000210034E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2342057520.00000210034E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2169518663.0000020FF9300000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://profiler.firefox.com/firefox.exe, 0000000E.00000003.2350552788.0000020FF977D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://www.msn.comfirefox.exe, 0000000E.00000003.2343863679.0000020FFD121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD121000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000E.00000003.2169678579.0000020FF951E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170527981.0000020FF953F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2169518663.0000020FF9300000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170681558.0000020FF9561000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://youtube.com/firefox.exe, 0000000E.00000003.2369827892.0000020FFAF21000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2330935415.0000020FFC141000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://content-signature-2.cdn.mozilla.net/firefox.exe, 0000000E.00000003.2337880980.0000021003297000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://json-schema.org/draft/2020-12/schema/=firefox.exe, 0000000E.00000003.2355029983.0000021003217000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=htfirefox.exe, 0000000E.00000003.2358313228.00000210022E3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://api.accounts.firefox.com/v1firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://ok.ru/firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://www.amazon.com/firefox.exe, 0000000E.00000003.2205126149.00000210033F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357594991.0000021002F07000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullScfirefox.exe, 0000000E.00000003.2361455212.00000210016FB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://www.youtube.com/firefox.exe, 00000011.00000002.3975847863.000001A411F0A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3976537496.000001BD3AD0C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://bugzilla.mozilla.org/show_bug.cgi?id=1283601firefox.exe, 0000000E.00000003.2248147657.0000020FFBD79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://MD8.mozilla.org/1/mfirefox.exe, 0000000E.00000003.2208048139.0000021001DF9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://www.bbc.co.uk/firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://addons.mozilla.org/firefox/addon/to-google-translate/firefox.exe, 0000000E.00000003.2324737218.0000021002275000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364268156.000002100227C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 0000000E.00000003.2360430883.0000021001B93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2325407220.000002100195D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321596404.0000020FFA38E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3976537496.000001BD3ADC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://127.0.0.1:firefox.exe, 0000000E.00000003.2201041987.00000210034F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2337880980.000002100326D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201041987.00000210034E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219514011.000002100326E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2362265477.000002100154C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201041987.00000210034EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201041987.00000210034FC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://bugzilla.mozilla.org/show_bug.cgi?id=1266220firefox.exe, 0000000E.00000003.2248147657.0000020FFBD6E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249468063.0000020FFBD80000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000000E.00000003.2302153284.00000210031AD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://bugzilla.mofirefox.exe, 0000000E.00000003.2358080935.0000021002EA4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://mitmdetection.services.mozilla.com/firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000000E.00000003.2345056546.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2368000998.0000020FFB3BA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://youtube.com/account?=recovery.jsonlz4.tmp.14.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://shavar.services.mozilla.com/firefox.exe, 0000000E.00000003.2352726855.0000021003D69000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBLfirefox.exe, 0000000E.00000003.2314841804.0000021002EFC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&reffirefox.exe, 00000010.00000002.3976752017.000002CE88EC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3979057416.000001BD3AF03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477firefox.exe, 00000010.00000002.3976752017.000002CE88EC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3975847863.000001A411FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3979057416.000001BD3AF03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapturefirefox.exe, 0000000E.00000003.2361455212.00000210016FB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://spocs.getpocket.com/firefox.exe, 00000012.00000002.3976537496.000001BD3AD13000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://www.iqiyi.com/firefox.exe, 0000000E.00000003.2339570987.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219902529.0000021001DDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://youtube.com/account?=https://accounts.google.cofirefox.exe, 00000012.00000002.3975923553.000001BD3AA80000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://support.mozilla.org/products/firefoxgro.allizom.troppus.places.sqlite-wal.14.drfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://addons.mozilla.org/firefox.exe, 0000000E.00000003.2314589157.00000210034A1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://bugzilla.mozilla.org/show_bug.cgi?id=1584464firefox.exe, 0000000E.00000003.2316655490.00000210019AC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          http://a9.com/-/spec/opensearch/1.0/firefox.exe, 0000000E.00000003.2206397914.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2338441516.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2355646727.0000021002FC6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYiprefs-1.js.14.drfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                http://www.inbox.lv/rfc2368/?value=%sufirefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://monitor.firefox.com/user/dashboardfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      https://monitor.firefox.com/aboutfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        http://mozilla.org/MPL/2.0/.firefox.exe, 0000000E.00000003.2332943300.0000020FFB215000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2177517816.0000020FF93B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332824340.0000020FFB235000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277972474.0000020FFBC63000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2328041545.0000020FFD07C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277747377.0000020FF93B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201327953.0000020FFC59E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286921926.00000210017DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2300607236.0000020FFBCAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2330425195.0000020FFC177000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2273506615.0000020FF9695000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2273506615.0000020FF9673000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2246750811.0000020FFBCB1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2365987596.0000020FFC497000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2364520744.0000020FFD016000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2300607236.0000020FFBCB1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2318010389.0000020FFB25B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2201654691.0000020FFC490000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2179078908.0000020FF9399000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2343863679.0000020FFD121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2363847582.0000020FFC59B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://account.bellmedia.cfirefox.exe, 0000000E.00000003.2343863679.0000020FFD121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD121000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            http://youtube.com/firefox.exe, 0000000E.00000003.2206397914.0000021002FC1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://login.microsoftonline.comfirefox.exe, 0000000E.00000003.2343863679.0000020FFD121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2326854169.0000020FFD121000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://coverage.mozilla.orgfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  http://crl.thawte.com/ThawteTimestampingCA.crl0gmpopenh264.dll.tmp.14.drfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    https://www.zhihu.com/firefox.exe, 0000000E.00000003.2316029386.0000021001AAE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209086435.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2366735623.0000020FFC04D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                      http://x1.c.lencr.org/0firefox.exe, 0000000E.00000003.2315517462.0000021001ABF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                        http://x1.i.lencr.org/0firefox.exe, 0000000E.00000003.2315517462.0000021001ABF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                          http://a9.com/-/spec/opensearch/1.1/firefox.exe, 0000000E.00000003.2206397914.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2338441516.0000021002FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2355646727.0000021002FC6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                            https://infra.spec.whatwg.org/#ascii-whitespacefirefox.exe, 0000000E.00000003.2302420559.0000021001C1A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                                              https://mozilla-hub.atlassian.net/browse/SDK-405firefox.exe, 0000000E.00000003.2201230126.00000210034CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2200632343.0000021003DFA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                                https://blocked.cdn.mozilla.net/firefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                                  https://json-schema.org/draft/2019-09/schemafirefox.exe, 0000000E.00000003.2206397914.0000021002F55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2357453493.0000021002F55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2195017781.0000020FFA764000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                                    http://developer.mozilla.org/en/docs/DOM:element.addEventListenerfirefox.exe, 0000000E.00000003.2343356597.00000210016E4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                                      https://duckduckgo.com/?t=ffab&q=firefox.exe, 0000000E.00000003.2206397914.0000021002FA9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                                        https://profiler.firefox.comfirefox.exe, 00000010.00000002.3976251318.000002CE88C50000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3978415076.000001A412490000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3975762313.000001BD3AA30000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                                          https://outlook.live.com/default.aspx?rru=compose&to=%sfirefox.exe, 0000000E.00000003.2350203433.0000020FF97C3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                                            https://identity.mozilla.com/apps/relayfirefox.exe, 0000000E.00000003.2331897936.0000020FFBEA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2349145286.0000020FFBEA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2344929842.0000020FFBE63000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2347956411.0000020FFBE83000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                              		high

                                                                                                                                                                                                                                                                              World Map of Contacted IPs

                                                                                                                                                                                                                                                                              • No. of IPs < 25%
                                                                                                                                                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                              • 75% < No. of IPs

                                                                                                                                                                                                                                                                              Public IPs

                                                                                                                                                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                              172.217.16.206
                                                                                                                                                                                                                                                                              		youtube.comUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              2.22.61.56
                                                                                                                                                                                                                                                                              		a19.dscg10.akamai.netEuropean Union
                                                                                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                              44.231.111.180
                                                                                                                                                                                                                                                                              		shavar.prod.mozaws.netUnited States
                                                                                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                              34.149.100.209
                                                                                                                                                                                                                                                                              		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                              151.101.129.91
                                                                                                                                                                                                                                                                              		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                                                                              		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                              34.107.243.93
                                                                                                                                                                                                                                                                              		push.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              34.107.221.82
                                                                                                                                                                                                                                                                              		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              35.244.181.201
                                                                                                                                                                                                                                                                              		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              34.49.51.44
                                                                                                                                                                                                                                                                              		normandy.tombstone.experimenter.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                              34.117.188.166
                                                                                                                                                                                                                                                                              		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                              		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                                              35.190.72.216
                                                                                                                                                                                                                                                                              		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              34.160.144.191
                                                                                                                                                                                                                                                                              		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                              34.120.208.123
                                                                                                                                                                                                                                                                              		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                                              Private

                                                                                                                                                                                                                                                                              IP
                                                                                                                                                                                                                                                                              127.0.0.1

                                                                                                                                                                                                                                                                              General Information

                                                                                                                                                                                                                                                                              Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                                              Analysis ID:1622958
                                                                                                                                                                                                                                                                              Start date and time:2025-02-24 18:50:52 +01:00
                                                                                                                                                                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                              Overall analysis duration:0h 7m 50s
                                                                                                                                                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                              Report type:full
                                                                                                                                                                                                                                                                              Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                              Run name:Run with higher sleep bypass
                                                                                                                                                                                                                                                                              Number of analysed new started processes analysed:21
                                                                                                                                                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                                                                                                                                                              Technologies:
                                                                                                                                                                                                                                                                              • HCA enabled
                                                                                                                                                                                                                                                                              • EGA enabled
                                                                                                                                                                                                                                                                              • AMSI enabled
                                                                                                                                                                                                                                                                              Analysis Mode:default
                                                                                                                                                                                                                                                                              Analysis stop reason:Timeout
                                                                                                                                                                                                                                                                              Sample name:random.exe
                                                                                                                                                                                                                                                                              Detection:MAL
                                                                                                                                                                                                                                                                              Classification:mal76.troj.evad.winEXE@34/41@73/14
                                                                                                                                                                                                                                                                              EGA Information:
                                                                                                                                                                                                                                                                              • Successful, ratio: 50%
                                                                                                                                                                                                                                                                              HCA Information:
                                                                                                                                                                                                                                                                              • Successful, ratio: 96%
                                                                                                                                                                                                                                                                              • Number of executed functions: 50
                                                                                                                                                                                                                                                                              • Number of non-executed functions: 287
                                                                                                                                                                                                                                                                              Cookbook Comments:
                                                                                                                                                                                                                                                                              • Found application associated with file extension: .exe
                                                                                                                                                                                                                                                                              • Sleeps bigger than 100000000ms are automatically reduced to 1000ms
                                                                                                                                                                                                                                                                              • Sleep loops longer than 100000000ms are bypassed. Single calls with delay of 100000000ms and higher are ignored

                                                                                                                                                                                                                                                                              Warnings

                                                                                                                                                                                                                                                                              • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                                                                                              • Excluded IPs from analysis (whitelisted): 2.19.106.160, 142.250.184.234, 172.217.18.106, 172.217.23.110, 172.217.18.110, 13.107.246.60, 20.12.23.50
                                                                                                                                                                                                                                                                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, ciscobinary.openh264.org, otelrules.azureedge.net, slscr.update.microsoft.com, incoming.telemetry.mozilla.org, ctldl.windowsupdate.com, aus5.mozilla.org, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, redirector.gvt1.com, e16604.g.akamaiedge.net, safebrowsing.googleapis.com, prod.fs.microsoft.com.akadns.net, location.services.mozilla.com
                                                                                                                                                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                              • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                                              • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                              • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                                              Simulations

                                                                                                                                                                                                                                                                              Behavior and APIs

                                                                                                                                                                                                                                                                              No simulations

                                                                                                                                                                                                                                                                              Joe Sandbox View / Context

                                                                                                                                                                                                                                                                              IPs

                                                                                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                              2.22.61.56http://ciscobinary.openh264.org/openh264-win64-31c4d2e4a037526fd30d4e5c39f60885986cf865.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-31c4d2e4a037526fd30d4e5c39f60885986cf865.zip
                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                              34.149.100.209random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                  https://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      https://storage.googleapis.com/yasinsoulaiman00200102055/yasinsoulaiman00200102055.html#4Laxsc88075pMVT611lryovfdyzn369QPMJEJMGSLMNNGI223458FFVC3610M25Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                            https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                151.101.129.91https://gustavo23435.wixstudio.com/my-site-1Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                  https://mitini5579.wixsite.com/identifiez-vousGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    https://hopp.bio/universeglobalcentGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      http://vesnazid.wixstudio.com/my-siteGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        http://ugugfcgfdf.wixstudio.com/etrgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                            4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                              http://coinbasewalletus.wixsite.com/coiinbasewaletsignupGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                http://facebooksafety23.wixsite.com/verifyGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  http://metamaskvip.wixsite.com/airdropsGet hashmaliciousUnknownBrowse

                                                                                                                                                                                                                                                                                                                    Domains

                                                                                                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                    shavar.prod.mozaws.netlX1M7MPt7Y.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                    • 34.208.172.229
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 34.209.7.244
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 52.24.11.115
                                                                                                                                                                                                                                                                                                                    https://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.208.172.229
                                                                                                                                                                                                                                                                                                                    Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.208.172.229
                                                                                                                                                                                                                                                                                                                    https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                    • 52.35.152.253
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 52.35.181.117
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 34.208.172.229
                                                                                                                                                                                                                                                                                                                    https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 52.35.181.117
                                                                                                                                                                                                                                                                                                                    example.orglX1M7MPt7Y.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    https://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.133
                                                                                                                                                                                                                                                                                                                    https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                    • 96.7.128.186
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 96.7.128.192
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    twitter.comhttp://pearltimes.co.ug/wp-content/reports/qnts/au/auth/auhs1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 104.244.42.65
                                                                                                                                                                                                                                                                                                                    star-mini.c10r.facebook.comhttps://sxdcfvg.blob.core.windows.net/swfgm/slp.htmlGet hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.253.35
                                                                                                                                                                                                                                                                                                                    https://t.salesmatemail.net/email/v1/track?key=4788dfbd-ffb2-4c0e-b7b1-b1e698ca06aaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.253.35
                                                                                                                                                                                                                                                                                                                    https://www.mediafire.com/folder/rq9keaobsyt4w/LoaderGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.253.35
                                                                                                                                                                                                                                                                                                                    http://john-lewis.topGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.0.35
                                                                                                                                                                                                                                                                                                                    http://pearltimes.co.ug/wp-content/reports/qnts/au/auth/auhs1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.253.35
                                                                                                                                                                                                                                                                                                                    PhotoPosPro4_SetUp.exeGet hashmaliciousAsyncRAT, GhostRatBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.0.35
                                                                                                                                                                                                                                                                                                                    https://outook.lojaseofertas.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.252.35
                                                                                                                                                                                                                                                                                                                    http://pink-jobs.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.251.35
                                                                                                                                                                                                                                                                                                                    http://weareprosquared.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.0.35

                                                                                                                                                                                                                                                                                                                    ASNs

                                                                                                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                    AKAMAI-ASN1EUhttp://multitran.com/m.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 95.101.149.233
                                                                                                                                                                                                                                                                                                                    https://sxdcfvg.blob.core.windows.net/swfgm/slp.htmlGet hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 72.247.154.177
                                                                                                                                                                                                                                                                                                                    jli.dll.dllGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                                                                    • 23.197.127.21
                                                                                                                                                                                                                                                                                                                    EXTERNAL FW Complete Settlement Agreement Approved Monday February 24 2025.msgGet hashmaliciousGabagool, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 2.22.242.145
                                                                                                                                                                                                                                                                                                                    4338471.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 104.124.11.40
                                                                                                                                                                                                                                                                                                                    https://www.mediafire.com/file_premium/gvsjycs9mnhqpli/Tristan_Cardinal_Proposal.pdf/fileGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 95.101.79.80
                                                                                                                                                                                                                                                                                                                    https://t.salesmatemail.net/email/v1/track?key=4788dfbd-ffb2-4c0e-b7b1-b1e698ca06aaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 88.221.110.56
                                                                                                                                                                                                                                                                                                                    Microsoft subscription purchase confirmation.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 95.101.182.112
                                                                                                                                                                                                                                                                                                                    Microsoft subscription purchase confirmation.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 2.22.242.139
                                                                                                                                                                                                                                                                                                                    ATGS-MMD-ASUShttp://multitran.com/m.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.1.1.166
                                                                                                                                                                                                                                                                                                                    https://easyupload.io/l5wpfbGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.1.1.166
                                                                                                                                                                                                                                                                                                                    https://www.ausschreibungen-strabag.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.149.206.255
                                                                                                                                                                                                                                                                                                                    http://pearltimes.co.ug/wp-content/reports/qnts/au/auth/auhs1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.8.123.242
                                                                                                                                                                                                                                                                                                                    res.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 56.64.166.47
                                                                                                                                                                                                                                                                                                                    res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 56.77.143.184
                                                                                                                                                                                                                                                                                                                    res.arm5.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 57.143.244.91
                                                                                                                                                                                                                                                                                                                    res.m68k.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 56.118.114.183
                                                                                                                                                                                                                                                                                                                    res.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 48.140.203.158
                                                                                                                                                                                                                                                                                                                    FASTLYUShttp://multitran.com/m.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.130.49
                                                                                                                                                                                                                                                                                                                    https://f.io/bUMg8j0PGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.194.137
                                                                                                                                                                                                                                                                                                                    EXTERNAL FW Complete Settlement Agreement Approved Monday February 24 2025.msgGet hashmaliciousGabagool, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.66.137
                                                                                                                                                                                                                                                                                                                    4338471.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.1.140
                                                                                                                                                                                                                                                                                                                    https://www.mediafire.com/file_premium/gvsjycs9mnhqpli/Tristan_Cardinal_Proposal.pdf/fileGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.1.229
                                                                                                                                                                                                                                                                                                                    EFT Remittance_(Mmannix)CQDM.htmlGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.66.137
                                                                                                                                                                                                                                                                                                                    https://github.com/obsidianmd/obsidian-releases/releases/download/v1.8.7/Obsidian-1.8.7.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 185.199.111.133
                                                                                                                                                                                                                                                                                                                    http://lookerstudio%2e%67%6f%6f%67%6c%65%2e%63%6f%6d/s/ryl1d6fWDPQGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.2.137
                                                                                                                                                                                                                                                                                                                    http://dcuct.roisfaozi.com/rd/4mgaxw4733Bifj425sqnneagkxv6756OONFZNZGXKXTATR5427172XJTT17397o12Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.2.132
                                                                                                                                                                                                                                                                                                                    AMAZON-02USmain_arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                    • 34.254.182.186
                                                                                                                                                                                                                                                                                                                    194.85.251.31-x86-2025-02-24T17_35_13.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 54.171.230.55
                                                                                                                                                                                                                                                                                                                    http://multitran.com/m.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 52.30.155.174
                                                                                                                                                                                                                                                                                                                    https://f.io/bUMg8j0PGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 76.76.21.93
                                                                                                                                                                                                                                                                                                                    https://f.io/bUMg8j0PGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                                                                                    • 108.138.26.13
                                                                                                                                                                                                                                                                                                                    PDFOneStartLive.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 143.204.98.59
                                                                                                                                                                                                                                                                                                                    https://sxdcfvg.blob.core.windows.net/swfgm/slp.htmlGet hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 34.243.154.178
                                                                                                                                                                                                                                                                                                                    main_arm.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                    • 54.171.230.55
                                                                                                                                                                                                                                                                                                                    4338471.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.243.103.222
                                                                                                                                                                                                                                                                                                                    ATGS-MMD-ASUShttp://multitran.com/m.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.1.1.166
                                                                                                                                                                                                                                                                                                                    https://easyupload.io/l5wpfbGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.1.1.166
                                                                                                                                                                                                                                                                                                                    https://www.ausschreibungen-strabag.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.149.206.255
                                                                                                                                                                                                                                                                                                                    http://pearltimes.co.ug/wp-content/reports/qnts/au/auth/auhs1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.8.123.242
                                                                                                                                                                                                                                                                                                                    res.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 56.64.166.47
                                                                                                                                                                                                                                                                                                                    res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 56.77.143.184
                                                                                                                                                                                                                                                                                                                    res.arm5.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 57.143.244.91
                                                                                                                                                                                                                                                                                                                    res.m68k.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 56.118.114.183
                                                                                                                                                                                                                                                                                                                    res.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 48.140.203.158

                                                                                                                                                                                                                                                                                                                    JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                    fb0aa01abe9d8e4037eb3473ca6e2dcarandom.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 151.101.129.91
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 151.101.129.91
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 151.101.129.91
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 151.101.129.91
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 151.101.129.91
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 151.101.129.91
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 151.101.129.91
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 151.101.129.91
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 151.101.129.91
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123

                                                                                                                                                                                                                                                                                                                    Dropped Files

                                                                                                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                              px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                                                      Created / dropped Files

                                                                                                                                                                                                                                                                                                                                      C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_e845fd7c-2d53-4679-a62a-443225040dee.json (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):7813
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):5.177433721075023
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:192:dKMXaEPtbhbVbTbfbRbObtbyEl7nYrVJA6wnSrDtTkd/Sq:dPLtNhnzFSJ4rQjnSrDhkd/z
                                                                                                                                                                                                                                                                                                                                      MD5:6C442C7D5FB186BD22C17845926D01BE
                                                                                                                                                                                                                                                                                                                                      SHA1:B96193373737E2A6FEFF1FAE2AA172D03915EE0D
                                                                                                                                                                                                                                                                                                                                      SHA-256:16464812438CA65CF524F080016899F1F1E954D12DBD666F586686C6E0FBDED6
                                                                                                                                                                                                                                                                                                                                      SHA-512:CA7BCBAC31ACFB3CFF245858F1CBC6151AF35B5B1BB4EC8B882B991C339E735464F498933881295B393027B0020386156979F87FD9B8571FA842D8B3FB278245
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"type":"uninstall","id":"e845fd7c-2d53-4679-a62a-443225040dee","creationDate":"2025-02-24T19:31:45.792Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                      C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_e845fd7c-2d53-4679-a62a-443225040dee.json.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):7813
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):5.177433721075023
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:192:dKMXaEPtbhbVbTbfbRbObtbyEl7nYrVJA6wnSrDtTkd/Sq:dPLtNhnzFSJ4rQjnSrDhkd/z
                                                                                                                                                                                                                                                                                                                                      MD5:6C442C7D5FB186BD22C17845926D01BE
                                                                                                                                                                                                                                                                                                                                      SHA1:B96193373737E2A6FEFF1FAE2AA172D03915EE0D
                                                                                                                                                                                                                                                                                                                                      SHA-256:16464812438CA65CF524F080016899F1F1E954D12DBD666F586686C6E0FBDED6
                                                                                                                                                                                                                                                                                                                                      SHA-512:CA7BCBAC31ACFB3CFF245858F1CBC6151AF35B5B1BB4EC8B882B991C339E735464F498933881295B393027B0020386156979F87FD9B8571FA842D8B3FB278245
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"type":"uninstall","id":"e845fd7c-2d53-4679-a62a-443225040dee","creationDate":"2025-02-24T19:31:45.792Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\v6zchhhv.default-release\jumpListCache\pV+3TL7Nu3EP5juvr_gPjg==.ico

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:MS Windows icon resource - 1 icon, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 24 bits/pixel
                                                                                                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                                                                                                      Size (bytes):490
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):7.246483341090937
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:12:l8v/7J2T+gwjz+vdzLSMO9mj253UT3BcHXhJo:82CgwS//O91iT3BUXh6
                                                                                                                                                                                                                                                                                                                                      MD5:BD9751DFFFEFFA2154CC5913489ED58C
                                                                                                                                                                                                                                                                                                                                      SHA1:1C9230053C45CA44883103A6ACFDF49AC53ABF45
                                                                                                                                                                                                                                                                                                                                      SHA-256:834C4F18E96CFDAA395246183DE76032F1B77886764CEEBE52F6A146FA4D4C3B
                                                                                                                                                                                                                                                                                                                                      SHA-512:01072F60F4B2489BB84639A6179A82A3EA90A31C1AD61D30EF27800C3114DB5E45662583E1C0B5382F51635DC14372EFC71DCD069999D6B21A5D256C70697790
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:.......................PNG........IHDR................a....IDAT8O...1P......p....d1.....v)......p.nXM.t.H.(.......B$..}_G.{.......:uN...=......s|.$...`0.....dl6.>>>p.\.v;z.......F.a:.2..D.V.....V..n...g.z.X..C...v.......=.H..d..P*...i.."...X,.B...h...xyy.V....I$..J%r....6....Z-:...P..J..........|>'...P.\&.....l6....N5...Z.x<.....h.z..'@...L&.F..'.Jq<...m6.OOO.....$..r:.......v..V..ze.\.p.R..t.Z.....r...B...3.B..0...T*E".p8.D0..`2.D.j...h..n...wF...........#......O....IEND.B`.

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                                                                      MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                                                                      SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                                                                      SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                                                                      SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\tmpaddon

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):453023
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):7.997718157581587
                                                                                                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                                                                                                      SSDEEP:12288:tESTeqTI2r4ZbCgUKWKNeRcPMb6qlV7hVZe3:tEsed2Xh9/bdzZe3
                                                                                                                                                                                                                                                                                                                                      MD5:85430BAED3398695717B0263807CF97C
                                                                                                                                                                                                                                                                                                                                      SHA1:FFFBEE923CEA216F50FCE5D54219A188A5100F41
                                                                                                                                                                                                                                                                                                                                      SHA-256:A9F4281F82B3579581C389E8583DC9F477C7FD0E20C9DFC91A2E611E21E3407E
                                                                                                                                                                                                                                                                                                                                      SHA-512:06511F1F6C6D44D076B3C593528C26A602348D9C41689DBF5FF716B671C3CA5756B12CB2E5869F836DEDCE27B1A5CFE79B93C707FD01F8E84B620923BB61B5F1
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:PK.........bN...R..........gmpopenh264.dll..|.E.0.=..I.....1....4f1q.`.........q.....'+....h*m{.z..o_.{w........$..($A!...|L...B&A2.s.{..Dd......c.U.U..9u.S...K.l`...../.d.-....|.....&....9......wn..x......i.#O.+.Y.l......+....,3.3f..\..c.SSS,............N...GG...F.'.&.:'.K.Z&.>.@.g..M...M.`...*.........ZR....^jg.G.Kb.o~va.....<Z..1.#.O.e.....D..X..i..$imBW..Q&.......P.....,M.,..:.c...-...\......*.....-i.K.I..4.a..6..*...Ov=...W..F.CH.>...a.'.x...#@f...d..u.1....OV.1o}....g.5.._.3.J.Hi.Z.ipM....b.Z....%.G..F................/..3.q..J.....o...%.g.N.*.}..).3.N%.!..q*........^I.m..~...6.#.~+.....A...I]r...x..*.<IYj....p0..`S.M@.E..f.=.;!.@.....E..E....... .0.n....Jd..d......uM.-.qI.lR..z..=}..r.D.XLZ....x.$..|c.1.cUkM.&.Qn]..a]t.h..*.!.6 7..Jd.DvKJ"Wgd*%n...w...Jni.inmr.@M.$'Z.s....#)%..Rs..:.h....R....\..t.6..'.g.........Uj+F.cr:|..!..K.W.Y...17......,....r.....>.N..3.R.Y.._\...Ir.DNJdM... .k...&V-....z.%...-...D..i..&...6....7.2T).>..0..%.&.

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\2RI4QITB2LQ2XC86JRFE.temp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):3.3101725886157287
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:OdfEqpDAtTIUx2dWoM15SLN8zmbdfEqpDAtswM+bpoqdWoM15SLFX1Rgm1dfEqpz:OdWqUgdwDz8dWa6BdwFWdWaadwH1
                                                                                                                                                                                                                                                                                                                                      MD5:8893332FE38ABAB8B9B8508D19A13B1B
                                                                                                                                                                                                                                                                                                                                      SHA1:FA216529950D3BDDF97BF27E00152FCD7F1D3FE2
                                                                                                                                                                                                                                                                                                                                      SHA-256:10D5EE0022FCF0E5CB17A2BE22E606303F0D41DC46E7C6610983D9E97818DA47
                                                                                                                                                                                                                                                                                                                                      SHA-512:AE5F576C9FEC325C6D81E5B946556DF3EA2A8E3C215AE64E0205624DB13A121673326BF0044D6511CF51D9D727BC257B8D8BF4D0C69CA2D8D3D12217ECE7A213
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:...................................FL..................F.@.. ...p........a.............S...........................P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXZ|.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WXZ|.............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WXZ|...............................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z.............d......C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\380DM6XL91IIULHWASWA.temp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):3.3101725886157287
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:OdfEqpDAtTIUx2dWoM15SLN8zmbdfEqpDAtswM+bpoqdWoM15SLFX1Rgm1dfEqpz:OdWqUgdwDz8dWa6BdwFWdWaadwH1
                                                                                                                                                                                                                                                                                                                                      MD5:8893332FE38ABAB8B9B8508D19A13B1B
                                                                                                                                                                                                                                                                                                                                      SHA1:FA216529950D3BDDF97BF27E00152FCD7F1D3FE2
                                                                                                                                                                                                                                                                                                                                      SHA-256:10D5EE0022FCF0E5CB17A2BE22E606303F0D41DC46E7C6610983D9E97818DA47
                                                                                                                                                                                                                                                                                                                                      SHA-512:AE5F576C9FEC325C6D81E5B946556DF3EA2A8E3C215AE64E0205624DB13A121673326BF0044D6511CF51D9D727BC257B8D8BF4D0C69CA2D8D3D12217ECE7A213
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:...................................FL..................F.@.. ...p........a.............S...........................P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXZ|.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WXZ|.............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WXZ|...............................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z.............d......C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\40371339ad31a7e6.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):3.3101725886157287
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:OdfEqpDAtTIUx2dWoM15SLN8zmbdfEqpDAtswM+bpoqdWoM15SLFX1Rgm1dfEqpz:OdWqUgdwDz8dWa6BdwFWdWaadwH1
                                                                                                                                                                                                                                                                                                                                      MD5:8893332FE38ABAB8B9B8508D19A13B1B
                                                                                                                                                                                                                                                                                                                                      SHA1:FA216529950D3BDDF97BF27E00152FCD7F1D3FE2
                                                                                                                                                                                                                                                                                                                                      SHA-256:10D5EE0022FCF0E5CB17A2BE22E606303F0D41DC46E7C6610983D9E97818DA47
                                                                                                                                                                                                                                                                                                                                      SHA-512:AE5F576C9FEC325C6D81E5B946556DF3EA2A8E3C215AE64E0205624DB13A121673326BF0044D6511CF51D9D727BC257B8D8BF4D0C69CA2D8D3D12217ECE7A213
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:...................................FL..................F.@.. ...p........a.............S...........................P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXZ|.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WXZ|.............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WXZ|...............................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z.............d......C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):3.3101725886157287
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:OdfEqpDAtTIUx2dWoM15SLN8zmbdfEqpDAtswM+bpoqdWoM15SLFX1Rgm1dfEqpz:OdWqUgdwDz8dWa6BdwFWdWaadwH1
                                                                                                                                                                                                                                                                                                                                      MD5:8893332FE38ABAB8B9B8508D19A13B1B
                                                                                                                                                                                                                                                                                                                                      SHA1:FA216529950D3BDDF97BF27E00152FCD7F1D3FE2
                                                                                                                                                                                                                                                                                                                                      SHA-256:10D5EE0022FCF0E5CB17A2BE22E606303F0D41DC46E7C6610983D9E97818DA47
                                                                                                                                                                                                                                                                                                                                      SHA-512:AE5F576C9FEC325C6D81E5B946556DF3EA2A8E3C215AE64E0205624DB13A121673326BF0044D6511CF51D9D727BC257B8D8BF4D0C69CA2D8D3D12217ECE7A213
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:...................................FL..................F.@.. ...p........a.............S...........................P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IXZ|.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WXZ|.............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WXZ|...............................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z.............d......C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.926815679995959
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:48:YnSwkmrOVPUFRbOdwNIOdoWLEWLtkDZuwpx5FBvipA6kb92the6LuhakN53q99xE:8S+OVPUFRbOdwNIOdYpjvY1Q6LDv8P
                                                                                                                                                                                                                                                                                                                                      MD5:FC6103418CCA1DBFD6D550DE741735F6
                                                                                                                                                                                                                                                                                                                                      SHA1:51E974A5A8A98FD1F333A3A4562495EF92A19715
                                                                                                                                                                                                                                                                                                                                      SHA-256:B667DA01E0C3EA1196CA4376AC6403B6CD0BF05F6A3BA79BF1251B5827B02167
                                                                                                                                                                                                                                                                                                                                      SHA-512:4CDD2BA12FC42CA5D6B21702579AFF0AA5A4C43B334D29EB9932C9750F46BD1B11D0B1F66407E3606CC0F15CD24D99F2CBD88A937C70C58A7AFA75720C5D5AD8
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"3ba649bc-be47-4b92-8762-21cab57bda3b","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-04T13:40:33.697Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.926815679995959
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:48:YnSwkmrOVPUFRbOdwNIOdoWLEWLtkDZuwpx5FBvipA6kb92the6LuhakN53q99xE:8S+OVPUFRbOdwNIOdYpjvY1Q6LDv8P
                                                                                                                                                                                                                                                                                                                                      MD5:FC6103418CCA1DBFD6D550DE741735F6
                                                                                                                                                                                                                                                                                                                                      SHA1:51E974A5A8A98FD1F333A3A4562495EF92A19715
                                                                                                                                                                                                                                                                                                                                      SHA-256:B667DA01E0C3EA1196CA4376AC6403B6CD0BF05F6A3BA79BF1251B5827B02167
                                                                                                                                                                                                                                                                                                                                      SHA-512:4CDD2BA12FC42CA5D6B21702579AFF0AA5A4C43B334D29EB9932C9750F46BD1B11D0B1F66407E3606CC0F15CD24D99F2CBD88A937C70C58A7AFA75720C5D5AD8
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"3ba649bc-be47-4b92-8762-21cab57bda3b","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-04T13:40:33.697Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):5308
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                                      MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                                      SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                                      SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                                      SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):5308
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                                      MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                                      SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                                      SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                                      SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addons.json (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):24
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                      MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                      SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                      SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                      SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addons.json.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):24
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                      MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                      SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                      SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                      SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):262144
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):0.04905141882491872
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:DLSvwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:DKwae+QtMImelekKDa5
                                                                                                                                                                                                                                                                                                                                      MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                                                                                                                                                                                                                                                                                                      SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                                                                                                                                                                                                                                                                                                      SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                                                                                                                                                                                                                                                                                                      SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\store.json.mozlz4 (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):66
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                      MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                      SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                      SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                      SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\store.json.mozlz4.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):66
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                      MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                      SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                      SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                      SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\extensions.json (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):5.1867463390487
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:768:JI4avfWX94O6L4x4ME454N4ohvM4T4Pia4T4I4t54U:JI4KvG
                                                                                                                                                                                                                                                                                                                                      MD5:98875950B62B398FFE70C0A8D0998017
                                                                                                                                                                                                                                                                                                                                      SHA1:CFCFFF938402E53D341FE392E25D2E6C557E548F
                                                                                                                                                                                                                                                                                                                                      SHA-256:1B445C7E12712026D4E663426527CE58FD221D2E26545AEA699E67D60F16E7F0
                                                                                                                                                                                                                                                                                                                                      SHA-512:728FF6FF915A45B44D720F41F9545F41F1BF5FB218D58073BD27DB19145D2225488988BE80FB0F712922D7B661E1A64448E3F71F09A1480B6F20BD2480888ABF
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{7a5650ac-9a89-4807-a040-9f0832bf39a9}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\extensions.json.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):5.1867463390487
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:768:JI4avfWX94O6L4x4ME454N4ohvM4T4Pia4T4I4t54U:JI4KvG
                                                                                                                                                                                                                                                                                                                                      MD5:98875950B62B398FFE70C0A8D0998017
                                                                                                                                                                                                                                                                                                                                      SHA1:CFCFFF938402E53D341FE392E25D2E6C557E548F
                                                                                                                                                                                                                                                                                                                                      SHA-256:1B445C7E12712026D4E663426527CE58FD221D2E26545AEA699E67D60F16E7F0
                                                                                                                                                                                                                                                                                                                                      SHA-512:728FF6FF915A45B44D720F41F9545F41F1BF5FB218D58073BD27DB19145D2225488988BE80FB0F712922D7B661E1A64448E3F71F09A1480B6F20BD2480888ABF
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{7a5650ac-9a89-4807-a040-9f0832bf39a9}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                      MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                      SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                      SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                      SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                      MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                      SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                      SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                      SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                      Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                      • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                      • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                      • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                      • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                      • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                      • Filename: px4Y74kUj2.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                      • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                      • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                      • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                      MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                      SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                      SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                      SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):116
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                      MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                      SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                      SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                      SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):116
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                      MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                      SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                      SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                      SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\permissions.sqlite

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):0.07325690172395352
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:12:DBl/A0OWla0mwPxRymgObsCVR45wcYR4fmnsCVR4zkia:DLhesh7Owd4+jia
                                                                                                                                                                                                                                                                                                                                      MD5:4286BB6710A0668202DA03E8A7EC3C32
                                                                                                                                                                                                                                                                                                                                      SHA1:C9C6F016F094F52DB0E250B9EB9A7E2DB0DCF68A
                                                                                                                                                                                                                                                                                                                                      SHA-256:AB47B94493CDC4290B99086BE63223310B24D883265C2EC7FB4653A16DC29F6C
                                                                                                                                                                                                                                                                                                                                      SHA-512:A743CD9AE78CEDF7ACE04AA500D93D95F6B18A583637EDB77EB64483B6357EACAF62EEBF967C84767A153AE8E94628F077B39E914404DEC1E859FF5FC5A690A9
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j......~s..F~s........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):0.039385170321426154
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:GHlhVO5lf/m2ZpSiHlhVO5lf/m2ZpS0l8a9//Ylll4llqlyllel4lt:G7VO5lvZP7VO5lvZZL9XIwlio
                                                                                                                                                                                                                                                                                                                                      MD5:9112E31CC0B592863296978EDF6CE1FF
                                                                                                                                                                                                                                                                                                                                      SHA1:103926107F22588099075BF73E431247FED14C85
                                                                                                                                                                                                                                                                                                                                      SHA-256:98104E07E06DCCBB79C8D7C950FCC430609317B61B89627DD4930992A9EF00DE
                                                                                                                                                                                                                                                                                                                                      SHA-512:4206EFC2C9E9F8B820C4025004F650FF29CBD1868CE6EC57BD31F31694812B7FCA396D7383EA2ADBE86C0C841C7B9A15993D31E43356D3D335A3631D8CD3E7B6
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:..-........................l[..vZ..v..P...8..G[...-........................l[..vZ..v..P...8..G[.........................................................'...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):163992
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):0.13374500812942086
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:K1kVfkmELxsZ+PB2zxsMlCXsMzqCFZ7pCF6C5WUCuSCCQE/HaaKCc7RCGOxsaD2S:HMxQA2VJCXs4qLWeJa1Vy50WZk
                                                                                                                                                                                                                                                                                                                                      MD5:7AACA56A22CCAF1853E108D6A01E9FD0
                                                                                                                                                                                                                                                                                                                                      SHA1:264438A606361A6F5C4EAD3E6764D4637B33590F
                                                                                                                                                                                                                                                                                                                                      SHA-256:C38311F7753AA18B06238753BB62C10C23BFBEA6E9F7BF5413C878CDE983D282
                                                                                                                                                                                                                                                                                                                                      SHA-512:A5FB901A83A2487B090A0ED6A7CF7E96C1C6D98D3B5F43C97A3B258CA757E4AA6CE472DFC7238074B7E9B625370E08C8A462A0F3962739CF054526A6496B1C79
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:7....-..........Z..v..P.L..m.j.........Z..v..P.bS....(.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):13187
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):5.47738017517297
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:192:KnPOeRnLYbBp6pJ0aX+t6SEXKzPN7S5RHWNBw8s2Sl:4DeQJU0qFeHEw00
                                                                                                                                                                                                                                                                                                                                      MD5:B05BC0E1B25F3D2A05092698D5ADF9C9
                                                                                                                                                                                                                                                                                                                                      SHA1:54F953E052757AF000BEB02A1160B2095A96F9E7
                                                                                                                                                                                                                                                                                                                                      SHA-256:6856543EC8862724F5EC6F0094D34F48F20427DD2C17F48286F59B648D98F958
                                                                                                                                                                                                                                                                                                                                      SHA-512:1E5F62625388C541FA4F736BD55FE73FEC98A55A74F0EFD7290AEBE30BED2C57E85FB483AA7C82FF9DB0B5CBB974B8306419C1244B2295126C48B4C9429A5B9F
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1740425475);..user_pref("app.update.lastUpdateTime.background-update-timer", 1740425475);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1740425475);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 174042

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):13187
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):5.47738017517297
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:192:KnPOeRnLYbBp6pJ0aX+t6SEXKzPN7S5RHWNBw8s2Sl:4DeQJU0qFeHEw00
                                                                                                                                                                                                                                                                                                                                      MD5:B05BC0E1B25F3D2A05092698D5ADF9C9
                                                                                                                                                                                                                                                                                                                                      SHA1:54F953E052757AF000BEB02A1160B2095A96F9E7
                                                                                                                                                                                                                                                                                                                                      SHA-256:6856543EC8862724F5EC6F0094D34F48F20427DD2C17F48286F59B648D98F958
                                                                                                                                                                                                                                                                                                                                      SHA-512:1E5F62625388C541FA4F736BD55FE73FEC98A55A74F0EFD7290AEBE30BED2C57E85FB483AA7C82FF9DB0B5CBB974B8306419C1244B2295126C48B4C9429A5B9F
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1740425475);..user_pref("app.update.lastUpdateTime.background-update-timer", 1740425475);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1740425475);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 174042

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\protections.sqlite

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:lSGBl/l/zl9l/AltllPltlnKollzvulJOlzALRWemFxu7TuRjBFbrl58lcV+wgn8:ltBl/lqN1K4BEJYqWvLue3FMOrMZ0l
                                                                                                                                                                                                                                                                                                                                      MD5:60C09456D6362C6FBED48C69AA342C3C
                                                                                                                                                                                                                                                                                                                                      SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                                                                                                                                                                                                                                                                                                      SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                                                                                                                                                                                                                                                                                                      SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\saved-telemetry-pings\dc8549f1-d2f2-4a8f-a687-1e2768a07619 (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):493
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.959934549719253
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:12:YZFgoUuO7a6NxIVHlW8cOlZGV1AQIYzvZcyBuLZGAvxn:YVUNXSlCOlZGV1AQIWZcy6ZXvx
                                                                                                                                                                                                                                                                                                                                      MD5:A31075CB9E39EF7EE9F9D14E6A4D89A1
                                                                                                                                                                                                                                                                                                                                      SHA1:FBB53EF46A3170F6179773283FCB9E32180E6FBD
                                                                                                                                                                                                                                                                                                                                      SHA-256:F21E634C2661CB5A7F6DE6F213B90D3FD429381EF8F237C9BD96C61C1964EE3C
                                                                                                                                                                                                                                                                                                                                      SHA-512:574E836026B12C88FC2BBFD1DB3E90FF040B11AE9436E5470E4D5F7B839C8FCEC11C08F87D901F39702BE08B690C529C9537B99FB632A6CD047C7D168009A8D4
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"type":"health","id":"dc8549f1-d2f2-4a8f-a687-1e2768a07619","creationDate":"2025-02-24T19:31:46.246Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"os":{"name":"WINNT","version":"10.0"},"reason":"immediate","sendFailure":{"eUnreachable":1}},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95"}

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\saved-telemetry-pings\dc8549f1-d2f2-4a8f-a687-1e2768a07619.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):493
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.959934549719253
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:12:YZFgoUuO7a6NxIVHlW8cOlZGV1AQIYzvZcyBuLZGAvxn:YVUNXSlCOlZGV1AQIWZcy6ZXvx
                                                                                                                                                                                                                                                                                                                                      MD5:A31075CB9E39EF7EE9F9D14E6A4D89A1
                                                                                                                                                                                                                                                                                                                                      SHA1:FBB53EF46A3170F6179773283FCB9E32180E6FBD
                                                                                                                                                                                                                                                                                                                                      SHA-256:F21E634C2661CB5A7F6DE6F213B90D3FD429381EF8F237C9BD96C61C1964EE3C
                                                                                                                                                                                                                                                                                                                                      SHA-512:574E836026B12C88FC2BBFD1DB3E90FF040B11AE9436E5470E4D5F7B839C8FCEC11C08F87D901F39702BE08B690C529C9537B99FB632A6CD047C7D168009A8D4
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"type":"health","id":"dc8549f1-d2f2-4a8f-a687-1e2768a07619","creationDate":"2025-02-24T19:31:46.246Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"os":{"name":"WINNT","version":"10.0"},"reason":"immediate","sendFailure":{"eUnreachable":1}},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95"}

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):90
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                      MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                      SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                      SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                      SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):90
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                      MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                      SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                      SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                      SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.baklz4 (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):1569
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):6.331503091544407
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:v+USUGlcAxSqwNLXnIry/pnxQwRcWT5sKmgb0x3eHVpjO+qamhujJwO2c0Tizbm8:GUpOxeNznRcoeg23erjxq4Jwc3zlBtT
                                                                                                                                                                                                                                                                                                                                      MD5:B476E0314018B571DA2E0A9E5886958C
                                                                                                                                                                                                                                                                                                                                      SHA1:A0569820178E2A0AB6B3B913EA0C21D1316A4215
                                                                                                                                                                                                                                                                                                                                      SHA-256:CA58385D478149AF622C751D03E789C2714689EF4D9CC7C1B7D904EE0997C74E
                                                                                                                                                                                                                                                                                                                                      SHA-512:EDBA5B0CEC4A680CFE4871D17ED104938CB5C07FCA1854546184BE5F193CEA393850586C0DC30ADD1AFD1D126D0C5FAEEF5FB975F33A1D249FA03E6A3111E202
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":7,"docshellUU...D"{3d2d3018-bfd7-4d13-822a-3e6163da4c36}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":8,"persistK..+}],"lastAccessed":1740425481018,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2150633470....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...98952893-68ff-4a5d-a164-705c709ed3db","zD..1...Wm..l........j..:....1":{..jUpdate...9,"startTim..P45468...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...'b03116d8508741e1c0453eca6046028f71c7c2b904be5e0a0d4686...b1764f","pa..p"/","na..a"taarI|.Tecure2..C.Donly..fexpiry...51187,"originA...."f

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):1569
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):6.331503091544407
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:v+USUGlcAxSqwNLXnIry/pnxQwRcWT5sKmgb0x3eHVpjO+qamhujJwO2c0Tizbm8:GUpOxeNznRcoeg23erjxq4Jwc3zlBtT
                                                                                                                                                                                                                                                                                                                                      MD5:B476E0314018B571DA2E0A9E5886958C
                                                                                                                                                                                                                                                                                                                                      SHA1:A0569820178E2A0AB6B3B913EA0C21D1316A4215
                                                                                                                                                                                                                                                                                                                                      SHA-256:CA58385D478149AF622C751D03E789C2714689EF4D9CC7C1B7D904EE0997C74E
                                                                                                                                                                                                                                                                                                                                      SHA-512:EDBA5B0CEC4A680CFE4871D17ED104938CB5C07FCA1854546184BE5F193CEA393850586C0DC30ADD1AFD1D126D0C5FAEEF5FB975F33A1D249FA03E6A3111E202
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":7,"docshellUU...D"{3d2d3018-bfd7-4d13-822a-3e6163da4c36}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":8,"persistK..+}],"lastAccessed":1740425481018,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2150633470....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...98952893-68ff-4a5d-a164-705c709ed3db","zD..1...Wm..l........j..:....1":{..jUpdate...9,"startTim..P45468...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...'b03116d8508741e1c0453eca6046028f71c7c2b904be5e0a0d4686...b1764f","pa..p"/","na..a"taarI|.Tecure2..C.Donly..fexpiry...51187,"originA...."f

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):1569
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):6.331503091544407
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:v+USUGlcAxSqwNLXnIry/pnxQwRcWT5sKmgb0x3eHVpjO+qamhujJwO2c0Tizbm8:GUpOxeNznRcoeg23erjxq4Jwc3zlBtT
                                                                                                                                                                                                                                                                                                                                      MD5:B476E0314018B571DA2E0A9E5886958C
                                                                                                                                                                                                                                                                                                                                      SHA1:A0569820178E2A0AB6B3B913EA0C21D1316A4215
                                                                                                                                                                                                                                                                                                                                      SHA-256:CA58385D478149AF622C751D03E789C2714689EF4D9CC7C1B7D904EE0997C74E
                                                                                                                                                                                                                                                                                                                                      SHA-512:EDBA5B0CEC4A680CFE4871D17ED104938CB5C07FCA1854546184BE5F193CEA393850586C0DC30ADD1AFD1D126D0C5FAEEF5FB975F33A1D249FA03E6A3111E202
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":7,"docshellUU...D"{3d2d3018-bfd7-4d13-822a-3e6163da4c36}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":8,"persistK..+}],"lastAccessed":1740425481018,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2150633470....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...98952893-68ff-4a5d-a164-705c709ed3db","zD..1...Wm..l........j..:....1":{..jUpdate...9,"startTim..P45468...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...'b03116d8508741e1c0453eca6046028f71c7c2b904be5e0a0d4686...b1764f","pa..p"/","na..a"taarI|.Tecure2..C.Donly..fexpiry...51187,"originA...."f

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage.sqlite

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 131075, last written using SQLite version 3042000, page size 512, file counter 6, database pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):4096
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):2.0836444556178684
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24:JBwdh/cEUcR9PzNFPFHx/GJRBdkOrDcRB1trwDeAq2gRMyxr3:jnEUo9LXtR+JdkOnohYsl
                                                                                                                                                                                                                                                                                                                                      MD5:8B40B1534FF0F4B533AF767EB5639A05
                                                                                                                                                                                                                                                                                                                                      SHA1:63EDB539EA39AD09D701A36B535C4C087AE08CC9
                                                                                                                                                                                                                                                                                                                                      SHA-256:AF275A19A5C2C682139266065D90C237282274D11C5619A121B7BDBDB252861B
                                                                                                                                                                                                                                                                                                                                      SHA-512:54AF707698CED33C206B1B193DA414D630901762E88E37E99885A50D4D5F8DDC28367C9B401DFE251CF0552B4FA446EE28F78A97C9096AFB0F2898BFBB673B53
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\targeting.snapshot.json (copy)

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):5.029167590025477
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:96:yckMTEr5/lLmI2Ac1zzcxvbw6Kkgrc2Rn27:PTEr5NX0z3DhRe
                                                                                                                                                                                                                                                                                                                                      MD5:AA7325EA41B50E46269A4213216ABCE4
                                                                                                                                                                                                                                                                                                                                      SHA1:8ABA17AC0EC3F97589F2EF86C127F90BC35C8D66
                                                                                                                                                                                                                                                                                                                                      SHA-256:A8E724659AFFD0D801C9819167E4684D8ABA3CB7C4B5A5F608416C8EFDC014A2
                                                                                                                                                                                                                                                                                                                                      SHA-512:B4FD45AE6A7F8BB8A35BBFEAC6E3354222FCE08B919D69A2A830877F6F005DA810CEC26B98CD337F61DAC7B354A5513289D44144EE7669486FFA5EF0ADD31251
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-24T19:31:00.806Z","profileAgeCreated":1696426830133,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\targeting.snapshot.json.tmp

                                                                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                                                                      Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):5.029167590025477
                                                                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                                                                      SSDEEP:96:yckMTEr5/lLmI2Ac1zzcxvbw6Kkgrc2Rn27:PTEr5NX0z3DhRe
                                                                                                                                                                                                                                                                                                                                      MD5:AA7325EA41B50E46269A4213216ABCE4
                                                                                                                                                                                                                                                                                                                                      SHA1:8ABA17AC0EC3F97589F2EF86C127F90BC35C8D66
                                                                                                                                                                                                                                                                                                                                      SHA-256:A8E724659AFFD0D801C9819167E4684D8ABA3CB7C4B5A5F608416C8EFDC014A2
                                                                                                                                                                                                                                                                                                                                      SHA-512:B4FD45AE6A7F8BB8A35BBFEAC6E3354222FCE08B919D69A2A830877F6F005DA810CEC26B98CD337F61DAC7B354A5513289D44144EE7669486FFA5EF0ADD31251
                                                                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                                                                      Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-24T19:31:00.806Z","profileAgeCreated":1696426830133,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                      Static File Info

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                      Entropy (8bit):6.699532679693213
                                                                                                                                                                                                                                                                                                                                      TrID:
                                                                                                                                                                                                                                                                                                                                      • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                                      • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                      • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                      • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                      File name:random.exe
                                                                                                                                                                                                                                                                                                                                      File size:968'704 bytes
                                                                                                                                                                                                                                                                                                                                      MD5:e9a8537a4efba5386c2a5adf0355eb4b
                                                                                                                                                                                                                                                                                                                                      SHA1:485d296515a96ef01972021da0571c5c03192b21
                                                                                                                                                                                                                                                                                                                                      SHA256:e1cf2ba38614911db7f8a5f595b03697f76c79fe0de026f3571090db401b2c25
                                                                                                                                                                                                                                                                                                                                      SHA512:16aa58d8996ad1e529ebe27ab98c637b1550f686976959bc0e53db183ef33f7345964fa728fc9fcafedc8463954e11cb129c69cf4757d7a1287a9c6f0349b4c9
                                                                                                                                                                                                                                                                                                                                      SSDEEP:24576:mqDEvCTbMWu7rQYlBQcBiT6rprG8a2CWuR:mTvC/MTQYxsWR7a2v
                                                                                                                                                                                                                                                                                                                                      TLSH:46259E027391C062FF9B92334F5AF6515BBC69260123E61F13A81DB9BE701B1563E7A3
                                                                                                                                                                                                                                                                                                                                      File Content Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z....

                                                                                                                                                                                                                                                                                                                                      File Icon

                                                                                                                                                                                                                                                                                                                                      Icon Hash:aaf3e3e3938382a0

                                                                                                                                                                                                                                                                                                                                      Static PE Info

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Entrypoint:0x420577
                                                                                                                                                                                                                                                                                                                                      Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                      Digitally signed:false
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                      Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                      Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                      DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                      Time Stamp:0x67BA0BD9 [Sat Feb 22 17:39:37 2025 UTC]
                                                                                                                                                                                                                                                                                                                                      TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                      CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                      OS Version Major:5
                                                                                                                                                                                                                                                                                                                                      OS Version Minor:1
                                                                                                                                                                                                                                                                                                                                      File Version Major:5
                                                                                                                                                                                                                                                                                                                                      File Version Minor:1
                                                                                                                                                                                                                                                                                                                                      Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                                      Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                                      Import Hash:948cc502fe9226992dce9417f952fce3

                                                                                                                                                                                                                                                                                                                                      Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                      Instruction
                                                                                                                                                                                                                                                                                                                                      call 00007F5D7CBC0CE3h
                                                                                                                                                                                                                                                                                                                                      jmp 00007F5D7CBC05EFh
                                                                                                                                                                                                                                                                                                                                      push ebp
                                                                                                                                                                                                                                                                                                                                      mov ebp, esp
                                                                                                                                                                                                                                                                                                                                      push esi
                                                                                                                                                                                                                                                                                                                                      push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                      mov esi, ecx
                                                                                                                                                                                                                                                                                                                                      call 00007F5D7CBC07CDh
                                                                                                                                                                                                                                                                                                                                      mov dword ptr [esi], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                      mov eax, esi
                                                                                                                                                                                                                                                                                                                                      pop esi
                                                                                                                                                                                                                                                                                                                                      pop ebp
                                                                                                                                                                                                                                                                                                                                      retn 0004h
                                                                                                                                                                                                                                                                                                                                      and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                      mov eax, ecx
                                                                                                                                                                                                                                                                                                                                      and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                      mov dword ptr [ecx+04h], 0049FDF8h
                                                                                                                                                                                                                                                                                                                                      mov dword ptr [ecx], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                      ret
                                                                                                                                                                                                                                                                                                                                      push ebp
                                                                                                                                                                                                                                                                                                                                      mov ebp, esp
                                                                                                                                                                                                                                                                                                                                      push esi
                                                                                                                                                                                                                                                                                                                                      push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                      mov esi, ecx
                                                                                                                                                                                                                                                                                                                                      call 00007F5D7CBC079Ah
                                                                                                                                                                                                                                                                                                                                      mov dword ptr [esi], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                      mov eax, esi
                                                                                                                                                                                                                                                                                                                                      pop esi
                                                                                                                                                                                                                                                                                                                                      pop ebp
                                                                                                                                                                                                                                                                                                                                      retn 0004h
                                                                                                                                                                                                                                                                                                                                      and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                      mov eax, ecx
                                                                                                                                                                                                                                                                                                                                      and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                      mov dword ptr [ecx+04h], 0049FE14h
                                                                                                                                                                                                                                                                                                                                      mov dword ptr [ecx], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                      ret
                                                                                                                                                                                                                                                                                                                                      push ebp
                                                                                                                                                                                                                                                                                                                                      mov ebp, esp
                                                                                                                                                                                                                                                                                                                                      push esi
                                                                                                                                                                                                                                                                                                                                      mov esi, ecx
                                                                                                                                                                                                                                                                                                                                      lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                      mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                      and dword ptr [eax], 00000000h
                                                                                                                                                                                                                                                                                                                                      and dword ptr [eax+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                      push eax
                                                                                                                                                                                                                                                                                                                                      mov eax, dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                      add eax, 04h
                                                                                                                                                                                                                                                                                                                                      push eax
                                                                                                                                                                                                                                                                                                                                      call 00007F5D7CBC338Dh
                                                                                                                                                                                                                                                                                                                                      pop ecx
                                                                                                                                                                                                                                                                                                                                      pop ecx
                                                                                                                                                                                                                                                                                                                                      mov eax, esi
                                                                                                                                                                                                                                                                                                                                      pop esi
                                                                                                                                                                                                                                                                                                                                      pop ebp
                                                                                                                                                                                                                                                                                                                                      retn 0004h
                                                                                                                                                                                                                                                                                                                                      lea eax, dword ptr [ecx+04h]
                                                                                                                                                                                                                                                                                                                                      mov dword ptr [ecx], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                      push eax
                                                                                                                                                                                                                                                                                                                                      call 00007F5D7CBC33D8h
                                                                                                                                                                                                                                                                                                                                      pop ecx
                                                                                                                                                                                                                                                                                                                                      ret
                                                                                                                                                                                                                                                                                                                                      push ebp
                                                                                                                                                                                                                                                                                                                                      mov ebp, esp
                                                                                                                                                                                                                                                                                                                                      push esi
                                                                                                                                                                                                                                                                                                                                      mov esi, ecx
                                                                                                                                                                                                                                                                                                                                      lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                      mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                      push eax
                                                                                                                                                                                                                                                                                                                                      call 00007F5D7CBC33C1h
                                                                                                                                                                                                                                                                                                                                      test byte ptr [ebp+08h], 00000001h
                                                                                                                                                                                                                                                                                                                                      pop ecx

                                                                                                                                                                                                                                                                                                                                      Rich Headers

                                                                                                                                                                                                                                                                                                                                      Programming Language:
                                                                                                                                                                                                                                                                                                                                      • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                                                                      • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                                                                                                                      Data Directories

                                                                                                                                                                                                                                                                                                                                      NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IMPORT0xc8e640x17c.rdata
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESOURCE0xd40000x15de4.rsrc
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BASERELOC0xea0000x7594.reloc
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DEBUG0xb0ff00x1c.rdata
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_TLS0xc34000x18.rdata
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xb10100x40.rdata
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IAT0x9c0000x894.rdata
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                      Sections

                                                                                                                                                                                                                                                                                                                                      NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                      .text0x10000x9ab1d0x9ac000a1473f3064dcbc32ef93c5c8a90f3a6False0.565500681542811data6.668273581389308IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                      .rdata0x9c0000x2fb820x2fc00c9cf2468b60bf4f80f136ed54b3989fbFalse0.35289185209424084data5.691811547483722IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                      .data0xcc0000x706c0x480053b9025d545d65e23295e30afdbd16d9False0.04356553819444445DOS executable (block device driver @\273\)0.5846666986982398IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                      .rsrc0xd40000x15de40x15e00ca73268a3cc07e85379d525def8d1fecFalse0.6988950892857143data7.15175121262472IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                      .reloc0xea0000x75940x7600c68ee8931a32d45eb82dc450ee40efc3False0.7628111758474576data6.7972128181359786IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                      Resources

                                                                                                                                                                                                                                                                                                                                      NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd45f00x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd47180x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd48400x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd49680x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd4c500x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishGreat Britain0.5
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd4d780xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishGreat Britain0.2835820895522388
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd5c200x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishGreat Britain0.37906137184115524
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd64c80x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishGreat Britain0.23699421965317918
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd6a300x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishGreat Britain0.13858921161825727
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xd8fd80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishGreat Britain0.25070356472795496
                                                                                                                                                                                                                                                                                                                                      RT_ICON0xda0800x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishGreat Britain0.3173758865248227
                                                                                                                                                                                                                                                                                                                                      RT_MENU0xda4e80x50dataEnglishGreat Britain0.9
                                                                                                                                                                                                                                                                                                                                      RT_DIALOG0xda5380xfcdataEnglishGreat Britain0.6507936507936508
                                                                                                                                                                                                                                                                                                                                      RT_STRING0xda6340x594dataEnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                      RT_STRING0xdabc80x68adataEnglishGreat Britain0.2735961768219833
                                                                                                                                                                                                                                                                                                                                      RT_STRING0xdb2540x490dataEnglishGreat Britain0.3715753424657534
                                                                                                                                                                                                                                                                                                                                      RT_STRING0xdb6e40x5fcdataEnglishGreat Britain0.3087467362924282
                                                                                                                                                                                                                                                                                                                                      RT_STRING0xdbce00x65cdataEnglishGreat Britain0.34336609336609336
                                                                                                                                                                                                                                                                                                                                      RT_STRING0xdc33c0x466dataEnglishGreat Britain0.3605683836589698
                                                                                                                                                                                                                                                                                                                                      RT_STRING0xdc7a40x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishGreat Britain0.502906976744186
                                                                                                                                                                                                                                                                                                                                      RT_RCDATA0xdc8fc0xcf66data1.0004896975176103
                                                                                                                                                                                                                                                                                                                                      RT_GROUP_ICON0xe98640x76dataEnglishGreat Britain0.6610169491525424
                                                                                                                                                                                                                                                                                                                                      RT_GROUP_ICON0xe98dc0x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                      RT_GROUP_ICON0xe98f00x14dataEnglishGreat Britain1.15
                                                                                                                                                                                                                                                                                                                                      RT_GROUP_ICON0xe99040x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                      RT_VERSION0xe99180xdcdataEnglishGreat Britain0.6181818181818182
                                                                                                                                                                                                                                                                                                                                      RT_MANIFEST0xe99f40x3efASCII text, with CRLF line terminatorsEnglishGreat Britain0.5074478649453823

                                                                                                                                                                                                                                                                                                                                      Imports

                                                                                                                                                                                                                                                                                                                                      DLLImport
                                                                                                                                                                                                                                                                                                                                      WSOCK32.dllgethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect
                                                                                                                                                                                                                                                                                                                                      VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
                                                                                                                                                                                                                                                                                                                                      WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                                                                                                                                                                                                                                                                                                      COMCTL32.dllImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create
                                                                                                                                                                                                                                                                                                                                      MPR.dllWNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W
                                                                                                                                                                                                                                                                                                                                      WININET.dllHttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable
                                                                                                                                                                                                                                                                                                                                      PSAPI.DLLGetProcessMemoryInfo
                                                                                                                                                                                                                                                                                                                                      IPHLPAPI.DLLIcmpSendEcho, IcmpCloseHandle, IcmpCreateFile
                                                                                                                                                                                                                                                                                                                                      USERENV.dllDestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile
                                                                                                                                                                                                                                                                                                                                      UxTheme.dllIsThemeActive
                                                                                                                                                                                                                                                                                                                                      KERNEL32.dllDuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW
                                                                                                                                                                                                                                                                                                                                      USER32.dllGetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient
                                                                                                                                                                                                                                                                                                                                      GDI32.dllEndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath
                                                                                                                                                                                                                                                                                                                                      COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                                                                                                                                                                                                                                                                                                      ADVAPI32.dllGetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW
                                                                                                                                                                                                                                                                                                                                      SHELL32.dllDragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW
                                                                                                                                                                                                                                                                                                                                      ole32.dllCoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket
                                                                                                                                                                                                                                                                                                                                      OLEAUT32.dllCreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture

                                                                                                                                                                                                                                                                                                                                      Version Infos

                                                                                                                                                                                                                                                                                                                                      DescriptionData
                                                                                                                                                                                                                                                                                                                                      Translation0x0809 0x04b0

                                                                                                                                                                                                                                                                                                                                      Possible Origin

                                                                                                                                                                                                                                                                                                                                      Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                                      EnglishGreat Britain

                                                                                                                                                                                                                                                                                                                                      Network Behavior

                                                                                                                                                                                                                                                                                                                                      Network Port Distribution

                                                                                                                                                                                                                                                                                                                                      TCP Packets

                                                                                                                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.890611887 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.890650988 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.890768051 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.925705910 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.925735950 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.415503025 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.417084932 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.427397013 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.427411079 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.427593946 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.427690029 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.429526091 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.629880905 CET49711443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.629935026 CET44349711172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.630450010 CET49712443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.630500078 CET44349712172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.641099930 CET49711443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.641103029 CET49712443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.642932892 CET49711443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.642950058 CET44349711172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.644278049 CET49712443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.644293070 CET44349712172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.722711086 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.727902889 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.735210896 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.735513926 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.740509987 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.189513922 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.279225111 CET44349712172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.279247999 CET44349712172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.279319048 CET49712443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.280260086 CET44349712172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.280431032 CET49712443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.284149885 CET49712443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.284162998 CET44349712172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.284215927 CET49712443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.285747051 CET44349712172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.285800934 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.286060095 CET49712443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.291882992 CET44349711172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.291898012 CET44349711172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.292093992 CET49711443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.292893887 CET44349711172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.297153950 CET49711443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.304138899 CET49711443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.304147005 CET44349711172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.304208994 CET49711443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.304346085 CET44349711172.217.16.206192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.306096077 CET49711443192.168.2.5172.217.16.206
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.313040018 CET49715443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.313083887 CET4434971534.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.313237906 CET49715443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.314671993 CET49715443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.314686060 CET4434971534.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444354057 CET49716443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444402933 CET4434971635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444758892 CET49716443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444902897 CET49716443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444916010 CET4434971635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.445262909 CET49717443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.445271015 CET4434971734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.445400953 CET49717443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.446793079 CET49717443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.446799994 CET4434971734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.488394022 CET4971880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.493557930 CET804971834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.494972944 CET4971880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.495101929 CET4971880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.501972914 CET804971834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.783085108 CET4434971534.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.783214092 CET49715443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.787260056 CET49715443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.787283897 CET4434971534.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.787483931 CET4434971534.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.787523985 CET49715443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.787540913 CET4434971534.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.787916899 CET49719443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.787962914 CET4434971934.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.788130045 CET49719443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.789524078 CET49719443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.789541006 CET4434971934.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.915862083 CET4434971635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.915941954 CET49716443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.919600964 CET49716443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.919616938 CET4434971635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.920030117 CET4434971635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.922502041 CET49716443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.922616959 CET49716443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.922699928 CET4434971635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.923003912 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.925967932 CET49716443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.925990105 CET49716443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.926140070 CET4434971734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.926215887 CET49717443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.928114891 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931267023 CET49717443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931277990 CET4434971734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931368113 CET49717443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931569099 CET4434971734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931756020 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931797981 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.934612989 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.934613943 CET49717443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.936027050 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.936047077 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.937805891 CET49721443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.937913895 CET4434972134.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.940953016 CET49721443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.941107035 CET49721443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.941144943 CET4434972134.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.961658955 CET804971834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.966312885 CET4971880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.971677065 CET804971834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.975377083 CET4971880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.999339104 CET4434971534.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.003528118 CET49715443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.019669056 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.035331011 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.040643930 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.040793896 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.266964912 CET4434971934.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.267149925 CET49719443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.271255016 CET49719443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.271286011 CET4434971934.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.271351099 CET49719443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.271526098 CET4434971934.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.271593094 CET49719443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.388922930 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.394079924 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.404781103 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.407078028 CET4434972134.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.415762901 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.419341087 CET4434972134.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.420391083 CET49721443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.420826912 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.423718929 CET49721443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.423736095 CET4434972134.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.424190998 CET4434972134.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.426125050 CET49721443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.426189899 CET49721443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.426392078 CET4434972134.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.427175999 CET49721443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.427196980 CET49721443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.427875042 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.430316925 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.434360027 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.434372902 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.434465885 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.434614897 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.434698105 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.861149073 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.968708992 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.310285091 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.315419912 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.321511030 CET49731443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.321569920 CET4434973134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.324135065 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.324259043 CET49731443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.324414015 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.325933933 CET49731443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.325964928 CET4434973134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.329404116 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.531863928 CET49733443192.168.2.544.231.111.180
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.531961918 CET4434973344.231.111.180192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.534795046 CET49733443192.168.2.544.231.111.180
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.536111116 CET49733443192.168.2.544.231.111.180
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.536142111 CET4434973344.231.111.180192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.787544966 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.790822029 CET4434973134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.790894985 CET49731443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.818727970 CET49731443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.818727970 CET49731443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.818753958 CET4434973134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.818979025 CET4434973134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.819102049 CET49734443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.819209099 CET4434973434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.823101044 CET49731443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.823137999 CET49734443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.824553013 CET49734443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.824589968 CET4434973434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.878940105 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.307883024 CET4434973434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.308191061 CET49734443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.313405991 CET49734443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.313450098 CET4434973434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.313530922 CET49734443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.313646078 CET4434973434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.313715935 CET49734443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.327265978 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.329013109 CET4434973344.231.111.180192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.332523108 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.339345932 CET4434973344.231.111.180192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.342849970 CET49733443192.168.2.544.231.111.180
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.357043982 CET49733443192.168.2.544.231.111.180
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.357043982 CET49733443192.168.2.544.231.111.180
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.357109070 CET4434973344.231.111.180192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.357456923 CET4434973344.231.111.180192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.358280897 CET49733443192.168.2.544.231.111.180
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.358309984 CET49733443192.168.2.544.231.111.180
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.424420118 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.480715990 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.800863981 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.806253910 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.900366068 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.947233915 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.974069118 CET49750443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.974168062 CET4434975035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.974759102 CET49750443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.974762917 CET49751443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.974792957 CET4434975134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.974912882 CET49750443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.974946976 CET4434975035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.975075006 CET49751443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.976483107 CET49751443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.976495028 CET4434975134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.286029100 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.291171074 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.294873953 CET49752443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.294920921 CET4434975234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.306098938 CET49752443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.307688951 CET49752443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.307704926 CET4434975234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.454035997 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.506648064 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.554260969 CET4434975035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.556720972 CET49750443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.558841944 CET4434975134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.559747934 CET49750443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.559758902 CET4434975035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.560089111 CET4434975035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.562252045 CET49750443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.562345028 CET49750443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.562458992 CET4434975035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.562616110 CET49750443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.562634945 CET49750443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.562659979 CET49751443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.567374945 CET49751443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.567374945 CET49751443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.567394018 CET4434975134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.567615032 CET4434975134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.572114944 CET49751443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.688642979 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.693702936 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.701716900 CET49758443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.701761007 CET4434975834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.701831102 CET49758443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.703242064 CET49758443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.703253031 CET4434975834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.787192106 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.795030117 CET49759443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.795080900 CET4434975934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.795437098 CET49759443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.796874046 CET49759443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.796895027 CET4434975934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.799082994 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.804204941 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.838804007 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.843722105 CET4434975234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.843741894 CET4434975234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.847563028 CET49752443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.849482059 CET49752443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.849512100 CET4434975234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.849553108 CET49752443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.849849939 CET4434975234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.849924088 CET49752443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.853818893 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.858989000 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.903700113 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.952482939 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.954775095 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.008152008 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.088057995 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.093620062 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.202389002 CET4434975834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.206262112 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.208796024 CET49758443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.255721092 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.348800898 CET4434975934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.351638079 CET49759443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.438873053 CET49758443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.438895941 CET4434975834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.439057112 CET49758443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.439172983 CET4434975834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.440608978 CET49758443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.441184044 CET49759443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.441207886 CET4434975934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.441253901 CET49759443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.441402912 CET4434975934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.442338943 CET49759443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.444124937 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.449099064 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.449490070 CET49765443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.449532032 CET4434976534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.450368881 CET49765443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.451776028 CET49765443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.451792955 CET4434976534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.454667091 CET49766443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.454710960 CET4434976634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.455297947 CET49766443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.455390930 CET49766443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.455399990 CET4434976634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.457914114 CET49767443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.457938910 CET4434976734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.461129904 CET49767443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.461487055 CET49767443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.461499929 CET4434976734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.552135944 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.556337118 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.561366081 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.597443104 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.653578043 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.697743893 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.213555098 CET4434976634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.213617086 CET49766443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.216345072 CET49766443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.216360092 CET4434976634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.216603994 CET4434976634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.218738079 CET49766443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.218827009 CET49766443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.218878984 CET4434976634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.219331980 CET49766443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.227472067 CET4434976534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.227893114 CET49765443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.227909088 CET4434976734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.229985952 CET49767443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.333637953 CET49767443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.333661079 CET4434976734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.334110022 CET4434976734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.336433887 CET49765443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.336433887 CET49765443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.336450100 CET4434976534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.337057114 CET4434976534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.337210894 CET49767443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.337409019 CET4434976734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.337421894 CET49767443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.337421894 CET49765443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.337429047 CET4434976734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.547339916 CET4434976734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:07.547642946 CET49767443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.704356909 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710519075 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.804486036 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.852876902 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.146518946 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.151593924 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.230585098 CET49802443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.230612040 CET4434980234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.231301069 CET49802443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.232759953 CET49802443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.232779980 CET4434980234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.243438959 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.285387993 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.751744986 CET4434980234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.751832008 CET49802443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.197981119 CET49802443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.198059082 CET4434980234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.198091030 CET49802443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.198331118 CET4434980234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.198421955 CET49802443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.221394062 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.226450920 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.319778919 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.373047113 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.447350979 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.452464104 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.552824020 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.604914904 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.257065058 CET49875443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.257097006 CET4434987534.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.257163048 CET49875443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.258640051 CET49875443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.258656025 CET4434987534.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.334580898 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.339771986 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.573419094 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.579338074 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.751601934 CET4434987534.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.751698971 CET49875443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.755709887 CET49875443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.755734921 CET4434987534.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.755803108 CET49875443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.755918026 CET4434987534.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.758125067 CET49875443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.759053946 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.765722990 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.857520103 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.861262083 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.868148088 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.905118942 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.964240074 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:24.005409956 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.753276110 CET49899443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.753334999 CET4434989935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.755770922 CET49899443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.755980968 CET49899443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.755995989 CET4434989935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.782725096 CET49900443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.782768965 CET4434990034.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.783827066 CET49900443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.783966064 CET49900443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.783984900 CET4434990034.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.788077116 CET49901443192.168.2.5151.101.129.91
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.788094997 CET44349901151.101.129.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.788224936 CET49901443192.168.2.5151.101.129.91
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.788387060 CET49901443192.168.2.5151.101.129.91
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.788397074 CET44349901151.101.129.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.816593885 CET49902443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.816644907 CET4434990235.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.821021080 CET49902443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.822618008 CET49902443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.822634935 CET4434990235.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.836328983 CET49903443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.836374044 CET4434990334.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.839559078 CET49903443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.841124058 CET49903443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.841156006 CET4434990334.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.250576973 CET4434989935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.250662088 CET49899443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.253732920 CET49899443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.253741026 CET4434989935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.254055023 CET4434989935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.256412029 CET49899443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.256509066 CET49899443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.256603956 CET4434989935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.258560896 CET49899443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.258609056 CET4434990034.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.258694887 CET49900443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.262069941 CET49900443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.262089014 CET4434990034.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.262357950 CET4434990034.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.262409925 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.264928102 CET49900443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.265017986 CET49900443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.265120983 CET4434990034.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.266125917 CET49900443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.267819881 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.283550024 CET44349901151.101.129.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.284094095 CET49901443192.168.2.5151.101.129.91
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.287341118 CET49901443192.168.2.5151.101.129.91
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.287349939 CET44349901151.101.129.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.287596941 CET44349901151.101.129.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.289586067 CET4434990235.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.289664030 CET49902443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.289813042 CET49901443192.168.2.5151.101.129.91
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.289833069 CET49901443192.168.2.5151.101.129.91
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.289975882 CET44349901151.101.129.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.294131041 CET49902443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.294138908 CET4434990235.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.294200897 CET49902443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.294316053 CET4434990235.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.295124054 CET49901443192.168.2.5151.101.129.91
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.295135975 CET49902443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.298377991 CET49908443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.298413992 CET4434990835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.298516035 CET49908443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.298599958 CET49908443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.298609972 CET4434990835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.301407099 CET49909443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.301439047 CET4434990935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.301892996 CET49909443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.302007914 CET49909443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.302018881 CET4434990935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.303117037 CET49910443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.303143978 CET4434991035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.303236961 CET49910443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.303345919 CET49910443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.303364038 CET4434991035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.329572916 CET4434990334.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.329691887 CET49903443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.333789110 CET49903443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.333815098 CET4434990334.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.333879948 CET49903443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.334014893 CET4434990334.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.334620953 CET49903443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.347573996 CET49912443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.347621918 CET4434991234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.350384951 CET49912443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.350487947 CET49912443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.350498915 CET4434991234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.361238956 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.364270926 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.369663000 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.415282965 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.462275982 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.515579939 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.760713100 CET4434991035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.760788918 CET49910443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.763806105 CET49910443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.763818026 CET4434991035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.764048100 CET4434991035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.766333103 CET49910443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.766438007 CET49910443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.766590118 CET4434991035.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.766683102 CET4434990935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.768992901 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.769293070 CET49910443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.769494057 CET49909443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.772041082 CET49909443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.772047997 CET4434990935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.772289038 CET4434990935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.774149895 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.774471998 CET49909443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.774537086 CET49909443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.774611950 CET4434990935.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.774781942 CET49909443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.775438070 CET4434990835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.775512934 CET49908443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.778208017 CET49908443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.778217077 CET4434990835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.778568983 CET4434990835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.780062914 CET49908443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.780147076 CET49908443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.780266047 CET4434990835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.782253027 CET49908443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.782279968 CET49908443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.798412085 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.803479910 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.804258108 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.804416895 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.809403896 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.844023943 CET4434991234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.844150066 CET49912443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.847332001 CET49912443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.847352028 CET4434991234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.847606897 CET4434991234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.849714041 CET49912443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.849832058 CET49912443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.849872112 CET4434991234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.854831934 CET49912443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.868740082 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.891890049 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.897907972 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.932394981 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.990135908 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.032680988 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.425324917 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.425338030 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.425348043 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.425467968 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.426549911 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.426562071 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.426573992 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.426613092 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.426740885 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.429203987 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.429241896 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.429254055 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.429326057 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.431742907 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.431762934 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.431773901 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.431953907 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.434324980 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.434336901 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.434391975 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.434534073 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.434545994 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.434998989 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.516166925 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.516177893 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.516185999 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.516238928 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.516248941 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.516251087 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.516263962 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.516294956 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.516313076 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.517294884 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.517358065 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.517369986 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.517381907 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.517436028 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.517759085 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.519974947 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.519985914 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.519998074 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.520037889 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.520167112 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.520201921 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.520214081 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.520229101 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.520330906 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.522542000 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.522555113 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.522566080 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.522641897 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.522835016 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.522845984 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.522859097 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.522887945 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.525073051 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.525130987 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.525132895 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.525146008 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.525157928 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.525213957 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.525434971 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.525454044 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.525501013 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607048035 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607070923 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607081890 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607173920 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607250929 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607263088 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607275009 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607285976 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607297897 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607311010 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607330084 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607342005 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607342958 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.607410908 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608063936 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608074903 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608123064 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608174086 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608244896 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608309984 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608321905 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608334064 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608345032 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608355999 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608367920 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608377934 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608380079 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.608448982 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.609131098 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.609186888 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.610721111 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.610786915 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.610797882 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.610809088 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.610833883 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.610841036 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.610948086 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.610984087 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.611048937 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.611059904 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.611068010 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.611072063 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.611085892 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.611155987 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613704920 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613743067 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613754034 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613866091 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613878012 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613890886 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613897085 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613902092 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613915920 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613925934 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613928080 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613936901 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.613950014 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.614034891 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616038084 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616054058 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616065979 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616076946 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616090059 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616092920 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616106987 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616122007 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616225958 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616274118 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616306067 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.616439104 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.656465054 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.656580925 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.656590939 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.656601906 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.656797886 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697793961 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697807074 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697819948 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697830915 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697843075 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697858095 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697913885 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697917938 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697968960 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.697979927 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698069096 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698141098 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698152065 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698163986 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698174953 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698185921 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698210955 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698503017 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698514938 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698527098 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698553085 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698623896 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698873043 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698925018 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698949099 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698961973 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698971987 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.698987007 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699001074 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699091911 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699184895 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699196100 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699208021 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699220896 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699233055 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699249983 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699402094 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699412107 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.699461937 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701469898 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701529026 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701546907 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701559067 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701570988 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701590061 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701663017 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701674938 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701684952 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701697111 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701833010 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701872110 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701925993 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701967955 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701978922 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.701989889 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702003002 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702018023 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702086926 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702300072 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702320099 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702354908 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702368021 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702379942 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702390909 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.702457905 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704153061 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704204082 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704216003 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704303026 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704329014 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704334021 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704348087 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704356909 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704358101 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704374075 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704386950 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704400063 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704476118 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704478025 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704554081 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704571009 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704583883 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704595089 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704607010 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704660892 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.704982996 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.705003023 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.705014944 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.705070972 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.705081940 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.705092907 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.705212116 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.706815958 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.706912994 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.706923008 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.706933022 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.706939936 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.706952095 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.706964016 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.706975937 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.706999063 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707036018 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707101107 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707112074 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707123041 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707134008 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707178116 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707273960 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707321882 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707355976 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707401991 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707402945 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707412958 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707425117 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.707492113 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.747386932 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.747404099 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.747416019 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.747426987 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.747442961 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.747448921 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.747585058 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788572073 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788603067 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788616896 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788656950 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788671017 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788696051 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788707018 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788718939 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788727045 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788731098 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788744926 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788808107 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788825989 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788866997 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788878918 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788891077 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788902044 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.788959980 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789000988 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789103031 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789113998 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789125919 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789136887 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789150953 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789163113 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789175034 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789254904 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789299011 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789382935 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789393902 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789407015 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789417982 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789428949 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789439917 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789452076 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789633989 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789644957 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789655924 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789710045 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789722919 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789737940 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789752007 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789800882 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789848089 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789874077 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789892912 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789956093 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789967060 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.789980888 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790003061 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790018082 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790077925 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790088892 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790133953 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790157080 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790234089 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790246964 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790265083 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790275097 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790348053 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790359974 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790370941 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790374994 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.790458918 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792180061 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792217016 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792452097 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792460918 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792474985 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792493105 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792613029 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792633057 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792644024 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792661905 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792671919 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792691946 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792705059 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792716980 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792727947 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792743921 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792754889 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792768002 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792792082 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792802095 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792813063 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792824030 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792834044 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792845011 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792856932 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792869091 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792881012 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.792912006 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.793514967 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.793668985 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.793689966 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794800997 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794825077 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794836998 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794848919 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794905901 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794923067 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794934988 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794945955 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794960976 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794975996 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794979095 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.794990063 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795090914 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795136929 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795149088 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795161009 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795192003 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795207024 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795233965 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795258999 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795298100 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795320034 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795336008 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795372963 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795386076 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795397043 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795408964 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795433044 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795437098 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.795490026 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797744036 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797765970 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797777891 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797790051 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797813892 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797817945 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797856092 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797867060 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797883987 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797894955 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797907114 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797910929 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797919989 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797931910 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797944069 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.797967911 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.798008919 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.798171043 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879306078 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879374981 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879391909 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879455090 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879468918 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879483938 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879507065 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879520893 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879549026 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879576921 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879599094 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879614115 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879628897 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879643917 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879654884 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879673004 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879683018 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879694939 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879705906 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879723072 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879734993 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879785061 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879844904 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879859924 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879970074 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879983902 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.879997969 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880012035 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880026102 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880040884 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880057096 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880073071 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880088091 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880121946 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880136967 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880151033 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880162954 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880570889 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880759954 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880783081 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880795002 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880822897 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880841970 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880851984 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880863905 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880873919 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880887985 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880903006 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880918980 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880934000 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880944014 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880955935 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880965948 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880976915 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.880989075 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.881004095 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.881016016 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.881026983 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.881037951 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.881051064 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.881067038 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.882232904 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.882518053 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.882576942 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.882618904 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.882674932 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.882730007 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.882786036 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.882983923 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.882996082 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883014917 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883035898 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883039951 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883059978 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883091927 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883097887 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883112907 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883126974 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883140087 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883162975 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883188009 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883199930 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883218050 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883238077 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883250952 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883259058 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883271933 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883281946 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883292913 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883311033 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883364916 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883378029 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883388042 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883404016 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883415937 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883428097 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883429050 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883462906 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883486032 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883490086 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.883541107 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885634899 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885705948 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885719061 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885726929 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885737896 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885798931 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885807037 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885818958 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885847092 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885864973 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885873079 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885879993 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885890007 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885902882 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885916948 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885931015 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885946035 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885967970 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.885984898 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.886030912 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.886034012 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.886095047 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.886117935 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.886132956 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.886156082 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.886224031 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.886297941 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.886322975 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888565063 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888581991 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888601065 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888612986 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888622999 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888636112 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888654947 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888665915 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888676882 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888688087 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888700008 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.888711929 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.891016006 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.891227007 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.028641939 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.033833981 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.128242016 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.134560108 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.139590025 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.170691013 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.231858015 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.279387951 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:38.896197081 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:38.901235104 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:43.130954981 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:43.136085987 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:43.246862888 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:43.251904011 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.010730028 CET50019443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.010775089 CET4435001934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.011513948 CET50019443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.012981892 CET50019443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.012996912 CET4435001934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.493586063 CET4435001934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.493745089 CET50019443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.498043060 CET50019443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.498064041 CET4435001934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.498164892 CET50019443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.498294115 CET4435001934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.499560118 CET50019443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.501391888 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.506458044 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.599648952 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.602690935 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.607749939 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.650312901 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.700689077 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.750711918 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:48.909549952 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:48.914690018 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:54.609610081 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:54.614778042 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:54.709925890 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:54.714979887 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.078013897 CET50021443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.078047991 CET4435002134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.078327894 CET50021443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.078520060 CET50021443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.078538895 CET4435002134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.094377041 CET50022443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.094425917 CET4435002234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.095447063 CET50022443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.095616102 CET50022443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.095629930 CET4435002234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.564359903 CET4435002134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.564517975 CET50021443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.564656019 CET4435002234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.564727068 CET50022443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.567982912 CET50021443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.567996979 CET4435002134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.568272114 CET4435002134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.570456982 CET50022443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.570477009 CET4435002234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.570769072 CET4435002234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.574476004 CET50021443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.574686050 CET50021443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.574708939 CET4435002134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.575037956 CET50022443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.575103045 CET50022443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.575248957 CET4435002234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.575279951 CET50021443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.575321913 CET50022443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.579005003 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.583610058 CET50023443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.583647966 CET4435002334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.584114075 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.586633921 CET50023443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.586769104 CET50023443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.586791039 CET4435002334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.590348005 CET50024443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.590449095 CET4435002434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.591229916 CET50024443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.591360092 CET50024443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.591392994 CET4435002434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.594445944 CET50025443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.594480038 CET4435002534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.600869894 CET50025443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.601083994 CET50025443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.601100922 CET4435002534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.677653074 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.698810101 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.703950882 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.733757973 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.795644045 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.849692106 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.047538042 CET4435002434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.047662973 CET50024443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.051304102 CET50024443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.051321983 CET4435002434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.051557064 CET4435002434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.053549051 CET4435002334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.056631088 CET50023443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.059211016 CET50023443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.059221029 CET4435002334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.059510946 CET4435002334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.060189009 CET50024443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.060276985 CET50024443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.060401917 CET4435002434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.063829899 CET50023443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.063913107 CET50023443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.064012051 CET4435002334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.067133904 CET50024443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.067150116 CET50023443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.068802118 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.073924065 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.078347921 CET4435002534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.082467079 CET50025443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.086229086 CET50025443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.086241007 CET4435002534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.086577892 CET4435002534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.092717886 CET50025443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.092792988 CET50025443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.092966080 CET4435002534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.093641043 CET50025443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.168122053 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.172305107 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.177398920 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.219589949 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.269217968 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.319880962 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.921647072 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.926806927 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:08.179996014 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:08.187191963 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:08.280287981 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:08.285408974 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:08.935415030 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:08.940592051 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:18.193123102 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:18.198853970 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:18.293421984 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:18.298660040 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:18.948618889 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:18.954061031 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.825094938 CET50027443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.825166941 CET4435002734.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.825700045 CET50027443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.827222109 CET50027443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.827238083 CET4435002734.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.281275034 CET4435002734.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.281430006 CET50027443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.285710096 CET50027443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.285729885 CET4435002734.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.285799026 CET50027443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.285991907 CET4435002734.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.287164927 CET50027443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.289006948 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.295690060 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.389751911 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.393661976 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.398824930 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.430022001 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.493577003 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.552335024 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:28.961935043 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:28.967226982 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:35.396348953 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:35.401608944 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:35.496705055 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:35.502264023 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:38.968460083 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:38.973666906 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:45.408339024 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:45.413506985 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:45.508655071 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:45.513902903 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:48.981084108 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:48.986319065 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:55.416301012 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:55.421586037 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:55.516557932 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:55.521789074 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:58.995337009 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:59.000485897 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:05.428942919 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:05.434292078 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:05.529189110 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:05.534580946 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:09.007666111 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:09.012873888 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:15.441672087 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:15.446990013 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:15.541951895 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:15.547302961 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:19.021090984 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:19.026417017 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:24.436929941 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:24.641308069 CET80499132.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:24.641396999 CET4991380192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:25.455415964 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:25.461494923 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:25.555700064 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:25.560846090 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:35.484599113 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:35.490061998 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:35.569267988 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:35.574475050 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.449465990 CET50028443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.449516058 CET4435002834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.449696064 CET50028443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.451123953 CET50028443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.451141119 CET4435002834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.497827053 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.503011942 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.582328081 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.587755919 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.979566097 CET4435002834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.979672909 CET50028443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.985445023 CET50028443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.985464096 CET4435002834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.985558987 CET50028443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.985996962 CET4435002834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.986454964 CET50028443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.988312006 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.994493008 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:46.087497950 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:46.091252089 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:46.098495007 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:46.130779028 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:46.188136101 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:46.230997086 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:56.090701103 CET4973080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:56.095935106 CET804973034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:56.191503048 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:56.196751118 CET804972234.107.221.82192.168.2.5

                                                                                                                                                                                                                                                                                                                                      UDP Packets

                                                                                                                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.891175985 CET4949453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.901459932 CET53494941.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.902381897 CET5892553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.909939051 CET53589251.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.607588053 CET6016153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.612428904 CET5478753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.616472006 CET53601611.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.618706942 CET4963053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.620316029 CET53547871.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.626368046 CET53496301.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.635484934 CET5624453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.635703087 CET6378353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.642977953 CET53562441.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.643300056 CET53637831.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.722038984 CET6461453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.729480028 CET53646141.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.301352024 CET6159353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.304878950 CET6108453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.309956074 CET53615931.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.310714960 CET4997853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.312334061 CET53610841.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.313194036 CET6191653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.318088055 CET53499781.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.320950985 CET53619161.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.325897932 CET6016953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.334465027 CET53601691.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.436147928 CET4961353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444341898 CET53496131.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444632053 CET5709653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.447616100 CET5367453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.451920033 CET53570961.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.454905033 CET53536741.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.465379000 CET6532353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.468214035 CET5732253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.471955061 CET5561153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.474423885 CET53653231.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.477247000 CET53573221.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.481465101 CET53556111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.923533916 CET6286653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931029081 CET53628661.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.938874006 CET5463953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.947345972 CET53546391.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.948519945 CET6343053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.956162930 CET53634301.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.518781900 CET6022853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.519346952 CET5646153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.526715040 CET53564611.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.528099060 CET53602281.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.531122923 CET5893253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.532457113 CET6197153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.539319038 CET53589321.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.541053057 CET53619711.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.541070938 CET6199153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.543181896 CET4920453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.548497915 CET53619911.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.550692081 CET53492041.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.962385893 CET5588853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.970653057 CET53558881.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.980616093 CET5337553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.984160900 CET5473453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.988075018 CET53533751.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.990158081 CET5713953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.991789103 CET53547341.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.992577076 CET6437753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.997478962 CET53571391.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.000149965 CET53643771.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.784580946 CET6224153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.791867971 CET53622411.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.795136929 CET5170853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.802555084 CET53517081.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.813407898 CET4936953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.820719957 CET53493691.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.212682009 CET5476153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.212945938 CET5569853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.213188887 CET5049653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.220321894 CET53504961.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.220354080 CET53556981.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET53547611.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.227207899 CET5998553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.234357119 CET53599851.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.235289097 CET6351453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.243024111 CET53635141.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.701540947 CET5566453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.701596022 CET5745253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.702079058 CET5208853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710141897 CET53556641.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET53574521.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710731983 CET6035053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710829020 CET53520881.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.711205959 CET5912653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.711427927 CET5201553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718302011 CET53603501.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718521118 CET53520151.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718612909 CET53591261.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.721857071 CET5226053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.722225904 CET5098753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.729490042 CET53522601.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.730262041 CET53509871.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.730402946 CET4927153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.737998009 CET53492711.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.740128040 CET5091953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.747716904 CET53509191.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.230870008 CET6364653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.238152027 CET53636461.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.255994081 CET6445253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.263979912 CET53644521.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.265446901 CET5552253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.272558928 CET53555221.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.779309034 CET5330753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.787139893 CET53533071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.788961887 CET6329153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.796936989 CET53632911.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.797578096 CET6164253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.805978060 CET53616421.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.824769020 CET5473253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.832488060 CET53547321.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.837210894 CET5368553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.844913006 CET53536851.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.851253033 CET6368453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.858798027 CET53636841.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.798676014 CET5312653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.807862997 CET53531261.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.808342934 CET6526953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.816035986 CET53652691.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.028887987 CET5878553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.037075996 CET53587851.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.002027035 CET5917253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.009572983 CET53591721.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.010323048 CET6110853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.019603968 CET53611081.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.090137005 CET6358753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.097681999 CET53635871.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.816133976 CET5148853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.823646069 CET53514881.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.824486017 CET6116153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.831578970 CET53611611.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.289165020 CET5628453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.298639059 CET53562841.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.432252884 CET5033753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.439996004 CET53503371.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.441092014 CET6253153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.448568106 CET53625311.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.449069977 CET6108053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.456721067 CET53610801.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.988714933 CET6382353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.997313976 CET53638231.1.1.1192.168.2.5

                                                                                                                                                                                                                                                                                                                                      DNS Queries

                                                                                                                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.891175985 CET192.168.2.51.1.1.10xb736Standard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.902381897 CET192.168.2.51.1.1.10x26a9Standard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.607588053 CET192.168.2.51.1.1.10xd6f4Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.612428904 CET192.168.2.51.1.1.10xa113Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.618706942 CET192.168.2.51.1.1.10xf73Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.635484934 CET192.168.2.51.1.1.10x841dStandard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.635703087 CET192.168.2.51.1.1.10xe529Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.722038984 CET192.168.2.51.1.1.10x4b9aStandard query (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.301352024 CET192.168.2.51.1.1.10x3982Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.304878950 CET192.168.2.51.1.1.10x75e3Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.310714960 CET192.168.2.51.1.1.10x17eaStandard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.313194036 CET192.168.2.51.1.1.10xa867Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.325897932 CET192.168.2.51.1.1.10x3dStandard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.436147928 CET192.168.2.51.1.1.10x72cbStandard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444632053 CET192.168.2.51.1.1.10x1564Standard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.447616100 CET192.168.2.51.1.1.10x49a7Standard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.465379000 CET192.168.2.51.1.1.10x6bfdStandard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.468214035 CET192.168.2.51.1.1.10xb49dStandard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.471955061 CET192.168.2.51.1.1.10xc85cStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.923533916 CET192.168.2.51.1.1.10xaf4cStandard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.938874006 CET192.168.2.51.1.1.10xb3c5Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.948519945 CET192.168.2.51.1.1.10xfb49Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.518781900 CET192.168.2.51.1.1.10xf128Standard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.519346952 CET192.168.2.51.1.1.10xe797Standard query (0)support.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.531122923 CET192.168.2.51.1.1.10x81cdStandard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.532457113 CET192.168.2.51.1.1.10x3948Standard query (0)shavar.prod.mozaws.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.541070938 CET192.168.2.51.1.1.10xd39Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.543181896 CET192.168.2.51.1.1.10x5766Standard query (0)shavar.prod.mozaws.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.962385893 CET192.168.2.51.1.1.10x3160Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.980616093 CET192.168.2.51.1.1.10xbe4cStandard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.984160900 CET192.168.2.51.1.1.10x840eStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.990158081 CET192.168.2.51.1.1.10xa0b1Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.992577076 CET192.168.2.51.1.1.10x63f9Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.784580946 CET192.168.2.51.1.1.10x8903Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.795136929 CET192.168.2.51.1.1.10xc410Standard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.813407898 CET192.168.2.51.1.1.10x57c5Standard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.212682009 CET192.168.2.51.1.1.10x61e3Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.212945938 CET192.168.2.51.1.1.10x5055Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.213188887 CET192.168.2.51.1.1.10x28b1Standard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.227207899 CET192.168.2.51.1.1.10x3beeStandard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.235289097 CET192.168.2.51.1.1.10x771Standard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.701540947 CET192.168.2.51.1.1.10x9eddStandard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.701596022 CET192.168.2.51.1.1.10x349fStandard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.702079058 CET192.168.2.51.1.1.10x2b47Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710731983 CET192.168.2.51.1.1.10x6719Standard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.711205959 CET192.168.2.51.1.1.10xdb53Standard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.711427927 CET192.168.2.51.1.1.10xbb6eStandard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.721857071 CET192.168.2.51.1.1.10x143bStandard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.722225904 CET192.168.2.51.1.1.10xc952Standard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.730402946 CET192.168.2.51.1.1.10xddf6Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.740128040 CET192.168.2.51.1.1.10xf93bStandard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.230870008 CET192.168.2.51.1.1.10x3166Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.255994081 CET192.168.2.51.1.1.10x5934Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.265446901 CET192.168.2.51.1.1.10x1e89Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.779309034 CET192.168.2.51.1.1.10x99deStandard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.788961887 CET192.168.2.51.1.1.10xc45eStandard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.797578096 CET192.168.2.51.1.1.10x5a48Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.824769020 CET192.168.2.51.1.1.10xb0efStandard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.837210894 CET192.168.2.51.1.1.10xa63cStandard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.851253033 CET192.168.2.51.1.1.10x6232Standard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.798676014 CET192.168.2.51.1.1.10xb8baStandard query (0)a19.dscg10.akamai.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.808342934 CET192.168.2.51.1.1.10xf42fStandard query (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.028887987 CET192.168.2.51.1.1.10x7299Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.002027035 CET192.168.2.51.1.1.10x941bStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.010323048 CET192.168.2.51.1.1.10xcfceStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.090137005 CET192.168.2.51.1.1.10xd661Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.816133976 CET192.168.2.51.1.1.10xcc36Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.824486017 CET192.168.2.51.1.1.10xf7f9Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.289165020 CET192.168.2.51.1.1.10x1dStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.432252884 CET192.168.2.51.1.1.10x4838Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.441092014 CET192.168.2.51.1.1.10x126bStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.449069977 CET192.168.2.51.1.1.10x42e4Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.988714933 CET192.168.2.51.1.1.10x1290Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                      DNS Answers

                                                                                                                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.887986898 CET1.1.1.1192.168.2.50xe1c1No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:57.901459932 CET1.1.1.1192.168.2.50xb736No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.616472006 CET1.1.1.1192.168.2.50xd6f4No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.616472006 CET1.1.1.1192.168.2.50xd6f4No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.616472006 CET1.1.1.1192.168.2.50xd6f4No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.620316029 CET1.1.1.1192.168.2.50xa113No error (0)youtube.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.626368046 CET1.1.1.1192.168.2.50xf73No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.642977953 CET1.1.1.1192.168.2.50x841dNo error (0)youtube.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.643300056 CET1.1.1.1192.168.2.50xe529No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.729480028 CET1.1.1.1192.168.2.50x4b9aNo error (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.309956074 CET1.1.1.1192.168.2.50x3982No error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.309956074 CET1.1.1.1192.168.2.50x3982No error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.309956074 CET1.1.1.1192.168.2.50x3982No error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.309956074 CET1.1.1.1192.168.2.50x3982No error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.312334061 CET1.1.1.1192.168.2.50x75e3No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.318088055 CET1.1.1.1192.168.2.50x17eaNo error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.318088055 CET1.1.1.1192.168.2.50x17eaNo error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.320950985 CET1.1.1.1192.168.2.50xa867No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.443603039 CET1.1.1.1192.168.2.50xe1d3No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.443603039 CET1.1.1.1192.168.2.50xe1d3No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444341898 CET1.1.1.1192.168.2.50x72cbNo error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.444341898 CET1.1.1.1192.168.2.50x72cbNo error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.451920033 CET1.1.1.1192.168.2.50x1564No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.454905033 CET1.1.1.1192.168.2.50x49a7No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.474423885 CET1.1.1.1192.168.2.50x6bfdNo error (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.481465101 CET1.1.1.1192.168.2.50xc85cNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.481465101 CET1.1.1.1192.168.2.50xc85cNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.481465101 CET1.1.1.1192.168.2.50xc85cNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931029081 CET1.1.1.1192.168.2.50xaf4cNo error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931029081 CET1.1.1.1192.168.2.50xaf4cNo error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.931029081 CET1.1.1.1192.168.2.50xaf4cNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.947345972 CET1.1.1.1192.168.2.50xb3c5No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.956162930 CET1.1.1.1192.168.2.50xfb49No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.526715040 CET1.1.1.1192.168.2.50xe797No error (0)support.mozilla.orgprod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.526715040 CET1.1.1.1192.168.2.50xe797No error (0)prod.sumo.prod.webservices.mozgcp.netus-west1.prod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.526715040 CET1.1.1.1192.168.2.50xe797No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.528099060 CET1.1.1.1192.168.2.50xf128No error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.528099060 CET1.1.1.1192.168.2.50xf128No error (0)shavar.prod.mozaws.net44.231.111.180A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.528099060 CET1.1.1.1192.168.2.50xf128No error (0)shavar.prod.mozaws.net35.165.160.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.528099060 CET1.1.1.1192.168.2.50xf128No error (0)shavar.prod.mozaws.net52.26.30.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.539319038 CET1.1.1.1192.168.2.50x81cdNo error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.541053057 CET1.1.1.1192.168.2.50x3948No error (0)shavar.prod.mozaws.net52.26.30.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.541053057 CET1.1.1.1192.168.2.50x3948No error (0)shavar.prod.mozaws.net44.231.111.180A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.541053057 CET1.1.1.1192.168.2.50x3948No error (0)shavar.prod.mozaws.net35.165.160.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.968991995 CET1.1.1.1192.168.2.50xf6f7No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.970653057 CET1.1.1.1192.168.2.50x3160No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.972795963 CET1.1.1.1192.168.2.50x4cd5No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.972795963 CET1.1.1.1192.168.2.50x4cd5No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.988075018 CET1.1.1.1192.168.2.50xbe4cNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.991789103 CET1.1.1.1192.168.2.50x840eNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.700988054 CET1.1.1.1192.168.2.50x1df8No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.791867971 CET1.1.1.1192.168.2.50x8903No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.791867971 CET1.1.1.1192.168.2.50x8903No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.802555084 CET1.1.1.1192.168.2.50xc410No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.820719957 CET1.1.1.1192.168.2.50x57c5No error (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.220321894 CET1.1.1.1192.168.2.50x28b1No error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.220321894 CET1.1.1.1192.168.2.50x28b1No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.220354080 CET1.1.1.1192.168.2.50x5055No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.220354080 CET1.1.1.1192.168.2.50x5055No error (0)star-mini.c10r.facebook.com157.240.253.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.184.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com216.58.212.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com172.217.18.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.221103907 CET1.1.1.1192.168.2.50x61e3No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.234357119 CET1.1.1.1192.168.2.50x3beeNo error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.243024111 CET1.1.1.1192.168.2.50x771No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710141897 CET1.1.1.1192.168.2.50x9eddNo error (0)star-mini.c10r.facebook.com157.240.0.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com172.217.18.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.184.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com172.217.23.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710429907 CET1.1.1.1192.168.2.50x349fNo error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710829020 CET1.1.1.1192.168.2.50x2b47No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710829020 CET1.1.1.1192.168.2.50x2b47No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710829020 CET1.1.1.1192.168.2.50x2b47No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710829020 CET1.1.1.1192.168.2.50x2b47No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.710829020 CET1.1.1.1192.168.2.50x2b47No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718302011 CET1.1.1.1192.168.2.50x6719No error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718521118 CET1.1.1.1192.168.2.50xbb6eNo error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718521118 CET1.1.1.1192.168.2.50xbb6eNo error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718521118 CET1.1.1.1192.168.2.50xbb6eNo error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718521118 CET1.1.1.1192.168.2.50xbb6eNo error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718612909 CET1.1.1.1192.168.2.50xdb53No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718612909 CET1.1.1.1192.168.2.50xdb53No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718612909 CET1.1.1.1192.168.2.50xdb53No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.718612909 CET1.1.1.1192.168.2.50xdb53No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.729490042 CET1.1.1.1192.168.2.50x143bNo error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.737998009 CET1.1.1.1192.168.2.50xddf6No error (0)twitter.com104.244.42.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.263979912 CET1.1.1.1192.168.2.50x5934No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.759890079 CET1.1.1.1192.168.2.50x7b9aNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.759890079 CET1.1.1.1192.168.2.50x7b9aNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.787139893 CET1.1.1.1192.168.2.50x99deNo error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.787139893 CET1.1.1.1192.168.2.50x99deNo error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.787139893 CET1.1.1.1192.168.2.50x99deNo error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.787139893 CET1.1.1.1192.168.2.50x99deNo error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.796936989 CET1.1.1.1192.168.2.50xc45eNo error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.796936989 CET1.1.1.1192.168.2.50xc45eNo error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.796936989 CET1.1.1.1192.168.2.50xc45eNo error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.796936989 CET1.1.1.1192.168.2.50xc45eNo error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.805978060 CET1.1.1.1192.168.2.50x5a48No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.805978060 CET1.1.1.1192.168.2.50x5a48No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.805978060 CET1.1.1.1192.168.2.50x5a48No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.805978060 CET1.1.1.1192.168.2.50x5a48No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.832488060 CET1.1.1.1192.168.2.50xb0efNo error (0)normandy.cdn.mozilla.netnormandy.tombstone.experimenter.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.832488060 CET1.1.1.1192.168.2.50xb0efNo error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:26.844913006 CET1.1.1.1192.168.2.50xa63cNo error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.795263052 CET1.1.1.1192.168.2.50x21deNo error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.795263052 CET1.1.1.1192.168.2.50x21deNo error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.795263052 CET1.1.1.1192.168.2.50x21deNo error (0)a17.rackcdn.com.mdc.edgesuite.neta19.dscg10.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.795263052 CET1.1.1.1192.168.2.50x21deNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.795263052 CET1.1.1.1192.168.2.50x21deNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.807862997 CET1.1.1.1192.168.2.50xb8baNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.807862997 CET1.1.1.1192.168.2.50xb8baNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.816035986 CET1.1.1.1192.168.2.50xf42fNo error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.816035986 CET1.1.1.1192.168.2.50xf42fNo error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.037075996 CET1.1.1.1192.168.2.50x7299No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.037075996 CET1.1.1.1192.168.2.50x7299No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.037075996 CET1.1.1.1192.168.2.50x7299No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.009572983 CET1.1.1.1192.168.2.50x941bNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.085040092 CET1.1.1.1192.168.2.50x17f6No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:24.823646069 CET1.1.1.1192.168.2.50xcc36No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.298639059 CET1.1.1.1192.168.2.50x1dNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.298639059 CET1.1.1.1192.168.2.50x1dNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.298639059 CET1.1.1.1192.168.2.50x1dNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.439996004 CET1.1.1.1192.168.2.50x4838No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.448568106 CET1.1.1.1192.168.2.50x126bNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.997313976 CET1.1.1.1192.168.2.50x1290No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.997313976 CET1.1.1.1192.168.2.50x1290No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.997313976 CET1.1.1.1192.168.2.50x1290No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                      HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                                      • detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      • ciscobinary.openh264.org

                                                                                                                                                                                                                                                                                                                                      HTTP Packets

                                                                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                      0192.168.2.54971334.107.221.82805688C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:58.735513926 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.189513922 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46788
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.923003912 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.019669056 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46788
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                      1192.168.2.54971834.107.221.82805688C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.495101929 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:51:59.961658955 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46782
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success


                                                                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                      2192.168.2.54972234.107.221.82805688C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.415762901 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:00.861149073 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46783
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.327265978 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:03.424420118 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46786
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.286029100 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.454035997 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46788
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.799082994 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.903700113 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46788
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.088057995 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.206262112 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46789
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.556337118 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.653578043 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46789
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.146518946 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:12.243438959 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46795
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.447350979 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.552824020 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46796
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.573419094 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.861262083 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.964240074 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46806
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.364270926 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.462275982 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46810
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.891890049 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.990135908 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46810
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.134560108 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.231858015 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46816
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:43.246862888 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.602690935 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.700689077 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46827
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:54.709925890 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.698810101 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.795644045 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46840
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.172305107 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.269217968 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46841
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:08.280287981 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:18.293421984 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.393661976 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.493577003 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46868
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:35.496705055 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:45.508655071 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:55.516557932 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:05.529189110 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:15.541951895 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:46.091252089 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:46.188136101 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:17 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46949
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                      Data Ascii: success


                                                                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                      3192.168.2.54973034.107.221.82805688C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.324414015 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:02.787544966 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46791
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.800863981 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:04.900366068 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46793
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.688642979 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.787192106 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46794
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.853818893 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:05.952482939 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46794
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.444124937 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:06.552135944 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46795
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.704356909 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:11.804486036 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46800
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.221394062 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:13.319778919 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46802
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.334580898 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.759053946 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:23.857520103 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46812
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.262409925 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.361238956 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46816
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.768992901 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.868740082 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46816
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.028641939 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:33.128242016 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46822
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:43.130954981 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.501391888 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:44.599648952 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46833
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:54.609610081 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.579005003 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:57.677653074 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46846
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.068802118 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:58.168122053 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46847
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:08.179996014 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:18.193123102 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.289006948 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:25.389751911 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46874
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:35.396348953 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:45.408339024 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:53:55.416301012 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:05.428942919 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:15.441672087 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:45.988312006 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:54:46.087497950 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 04:52:11 GMT
                                                                                                                                                                                                                                                                                                                                      Age: 46955
                                                                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                      4192.168.2.5499132.22.61.56805688C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:27.804416895 CET305OUTGET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
                                                                                                                                                                                                                                                                                                                                      Host: ciscobinary.openh264.org
                                                                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.425324917 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                      Last-Modified: Fri, 07 Feb 2025 06:55:57 GMT
                                                                                                                                                                                                                                                                                                                                      ETag: 85430baed3398695717b0263807cf97c
                                                                                                                                                                                                                                                                                                                                      Content-Length: 453023
                                                                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                      X-Timestamp: 1738911356.44453
                                                                                                                                                                                                                                                                                                                                      Content-Type: application/zip
                                                                                                                                                                                                                                                                                                                                      X-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1
                                                                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=163451
                                                                                                                                                                                                                                                                                                                                      Expires: Wed, 26 Feb 2025 15:16:39 GMT
                                                                                                                                                                                                                                                                                                                                      Date: Mon, 24 Feb 2025 17:52:28 GMT
                                                                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                      Data Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                      Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`q'+h*m{zo_{w$($A!|LB&A2s{DdcUU9uSKl`/d-|&9wnxi#O+Yl+,33f\cSSS,NGGF'&:'KZ&>@gMM`*ZR^jgGKbo~va<Z1.#OeDXi$imBWQ&P,M,:c-\*-iKI4a6*Ov=WFCH>a'x#@fdu1OV1o}g5_3JHiZipM.bZ%GF/3qJo%gN*})3N%!q*^Im~6#~+AI]rx*<IYjp0`SM@Ef=;!@EE 0nJdduM-qIlRz=}rDXLZx$|c1cUkM&Qn]a]th*!6 7JdDvKJ"Wgd*%nwJniinmr@M$'Zs#)%
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.425338030 CET1236INData Raw: bd c1 52 73 bd a7 3a 09 68 e9 f5 eb 80 14 52 9c 01 ad ef 5c 1f 81 74 b2 36 16 12 27 91 67 cc 95 dc 09 0f a4 8b f3 f0 8f 55 6a 2b 46 bd 63 72 3a 7c 07 a7 21 9f 8a 4b e1 57 c6 59 13 b3 a0 31 37 a6 b8 aa ad b8 02 2c f5 8a b6 e2 72 f1 b1 8a e5 ad c5
                                                                                                                                                                                                                                                                                                                                      Data Ascii: Rs:hR\t6'gUj+Fcr:|!KWY17,r>N3RY_\IrDNJdM k&V-z%-Di&672T)>0%&;`Zc,)T;jI~yRr&=V4C|-h(*dIUkq9[d
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.425348043 CET448INData Raw: 76 05 c4 dc 61 8a ee 89 36 03 dd 1b 08 cd 40 d9 ea 04 bd 6e 44 fc 07 c7 c5 f9 37 23 49 13 20 6b 79 26 c2 ef b5 cf c4 f9 36 c0 ee 95 21 56 4f bf 34 ab 1d 51 ac fe f7 81 91 58 5d 54 d5 5a 44 59 dd bb 12 e9 2b 02 56 4f 8f 9f b8 ad c8 db ba c2 58 de
                                                                                                                                                                                                                                                                                                                                      Data Ascii: va6@nD7#I ky&6!VO4QX]TZDY+VOXrm!m%R4Re"*2Xohu}G9gVP8ghhlW4CUR7wv$Y`X%k|h``\"^w\>(y':@V6
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.426549911 CET1236INData Raw: 65 e2 0d ce 32 21 19 aa db 2d d7 98 d0 d6 7e 3b ca d6 1a a8 31 35 44 db da 9b c0 63 78 25 ec 31 3c a4 ce da e1 9a 60 76 3f 50 67 39 d5 2d 33 f9 3b a3 fc 87 b9 21 0f 42 0a 7b 10 2a 72 31 84 fc a6 4b 22 af ce f4 a7 46 a3 4a 8d 41 85 e3 2f c5 74 2b
                                                                                                                                                                                                                                                                                                                                      Data Ascii: e2!-~;15Dcx%1<`v?Pg9-3;!B{*r1K"FJA/t+j72~coyFG1lARYJoiwDJ+ujuDHYl(deTeIzG`TNjhb[NjHT$S.v*Rh(5;|3ph{v::
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.426562071 CET1236INData Raw: 7f b5 c6 f8 af a3 3f bd 4a fe eb 73 89 97 f6 df 2a 13 43 f4 c5 5a 8a 72 8e 77 c1 3a 1f dd fd 44 dd e9 b4 48 8c b5 02 56 b1 09 ab 0c 8d f3 4b 9d f2 23 12 67 7a 2a cf 29 2f 31 01 cd d9 52 38 38 29 cf b4 3a 15 97 c5 86 fb 02 67 3e 87 79 53 9e 67 6e
                                                                                                                                                                                                                                                                                                                                      Data Ascii: ?Js*CZrw:DHVK#gz*)/1R88):g>ySgnX-P16E)XA!^8>9"Z[Q&%>+xFz^XCWr_-j&(CFSHy+IOJ}Oqc$FZz+a yj$j'8+e
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.426573992 CET448INData Raw: 62 59 a1 3a 30 da 1f c7 46 38 f7 c6 ae b7 e7 c5 9f 5d a8 36 5f d5 9d 87 6c ad 47 1b 46 c6 e7 3b 33 98 32 52 3c 2a 7c ff bd 41 4d 6d c3 e7 1d cc 76 b2 cb 49 da 24 b2 93 ee 1d dc b1 15 a7 08 df 1f 0f a0 b9 ab d2 f6 0e 3e 2d d7 34 b2 0c b5 d2 2c 92
                                                                                                                                                                                                                                                                                                                                      Data Ascii: bY:0F8]6_lGF;32R<*|AMmvI$>-4,*kx@<w LP#a=5;byI bIj+pB1\X*%]"^\no%S<ov|2z_gOg/n}{6{ED$Y'1ZHBF
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.429203987 CET1236INData Raw: 5d a9 21 56 d8 03 7a ff 68 27 e9 2b 01 43 fe 1e e8 be 9d f4 df af a4 af 13 dc ab df cd 66 6a 36 39 14 e3 bb 20 48 d9 0e 79 f5 bb 79 0e 79 ce bb b6 9c b3 95 1b e4 82 cd c8 cf 42 b6 60 1d f8 84 06 59 ff aa db f3 05 d1 49 f2 2a 83 54 a1 df cc b6 48
                                                                                                                                                                                                                                                                                                                                      Data Ascii: ]!Vzh'+Cfj69 HyyyB`YI*THl3*X)uugr#p<I0}UhQAg4o|B%[XG!\(r7KGfKWj4n&(\Lrb>/rsj|~j
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.429241896 CET1236INData Raw: 0e 58 3d bd ec 65 3b 48 7b e8 78 63 24 de 92 1d 7e be 44 d6 a9 15 9b d7 6d ab c2 5d 24 ae 6e 3d fc 6d e8 52 b2 92 dd db 75 a2 fc a2 0b f7 d0 f2 df 71 99 c9 52 3c d7 9b 78 ff 2c b4 b8 6a 9c cf f7 c4 1f 92 19 f2 5f 58 45 4e 02 55 af 5e a0 41 71 cd
                                                                                                                                                                                                                                                                                                                                      Data Ascii: X=e;H{xc$~Dm]$n=mRuqR<x,j_XENU^Aq+95d>wszk*nfoj{>#_D]}$gzm"b]{5>I? aT=t*_sPQFM{_>6!kF&9U5D
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.429254055 CET448INData Raw: 8e 80 f1 d6 7f 38 46 eb 3f 1c 23 ff 8f c5 d8 58 38 5e ff 5a c1 75 dc f3 45 f8 0e 91 4d 9e 26 d6 b0 8e 91 b8 7f 6f e3 dc b9 f8 7a 11 3a 17 65 de e0 6e 61 b5 ee 2c 6c 8a cc 0d 47 e8 dc f0 f5 04 cb 7d 84 8d e9 d1 3f 18 23 41 f5 49 58 9d e6 3d a2 a3
                                                                                                                                                                                                                                                                                                                                      Data Ascii: 8F?#X8^ZuEM&oz:ena,lG}?#AIX=)lWhn)U1o+dw~`#z=W,3&7`kG)EdnjT3sTF?/0'^kuQD=8d^[Q*WdHhP7
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.431742907 CET1236INData Raw: 99 ab a9 73 7e 10 21 b3 7f 3f 98 f2 0a 83 52 f4 85 bb f5 bc aa 6a d7 51 ff 65 c7 5c 50 b5 82 5a 91 f4 f0 81 9a 55 64 d0 ef fc ca 7e cc f3 73 23 7e 8c 48 1d 19 ee c5 3a 8d db 47 a8 2d e9 db 05 d9 82 0d 5c dd 12 50 df 82 cf b9 ba 47 f0 9a c5 d5 cd
                                                                                                                                                                                                                                                                                                                                      Data Ascii: s~!?RjQe\PZUd~s#~H:G-\PGk_H?ff)\{ZL$Ney?u2,qe|+WJx@W9h.k,s)]d{ q{;bl@,S/(^z1
                                                                                                                                                                                                                                                                                                                                      Feb 24, 2025 18:52:28.431762934 CET1236INData Raw: 54 88 af 6b 46 21 96 c5 bc 17 f8 0b 33 f5 a2 5c 8c f3 a5 7a 0f eb 92 0f 50 32 86 fd 65 5b 30 c8 b2 e7 30 e0 fb 80 1a be 7d a4 46 35 7c d3 69 08 ed 2b a1 bc e9 40 0c 46 75 4f b0 5b 0d 12 e4 5d 29 77 a0 15 ab 42 4b 58 cd 29 e9 2f 53 ed 53 3b ff 20
                                                                                                                                                                                                                                                                                                                                      Data Ascii: TkF!3\zP2e[00}F5|i+@FuO[])wBKX)/SS; <NEfql]M.dRro7/tk>)0(k"?1!cY[D8w5U:1|hEfwS"'<^`c7


                                                                                                                                                                                                                                                                                                                                      Statistics

                                                                                                                                                                                                                                                                                                                                      CPU Usage

                                                                                                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                                                                                                      Memory Usage

                                                                                                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                                                                                                      High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                      Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                      Behavior

                                                                                                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                                                                                                      System Behavior

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:0
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:50
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Users\user\Desktop\random.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\Desktop\random.exe"
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x510000
                                                                                                                                                                                                                                                                                                                                      File size:968'704 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:E9A8537A4EFBA5386C2A5ADF0355EB4B
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:2
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:51
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x430000
                                                                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:3
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:51
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:4
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:53
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x430000
                                                                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:5
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:53
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:6
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:53
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x430000
                                                                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:7
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:53
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:8
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:53
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x430000
                                                                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:9
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:53
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:10
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:53
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x430000
                                                                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:11
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:53
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:12
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:54
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:13
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:54
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:14
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:54
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:16
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:55
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2192 -parentBuildID 20230927232528 -prefsHandle 2100 -prefMapHandle 2092 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e4288b39-eeff-48cc-89be-fe64cc4e59d5} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 20fe9b6f310 socket
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:17
                                                                                                                                                                                                                                                                                                                                      Start time:12:51:57
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4112 -parentBuildID 20230927232528 -prefsHandle 1388 -prefMapHandle 4232 -prefsLen 26395 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {125b98cb-c08a-463f-845a-e5a5de2dd182} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 20ffaf6fe10 rdd
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                                                                      Target ID:18
                                                                                                                                                                                                                                                                                                                                      Start time:12:52:03
                                                                                                                                                                                                                                                                                                                                      Start date:24/02/2025
                                                                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4972 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5020 -prefMapHandle 5016 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {adec35be-c7a7-4da3-a367-92b1400258f1} 5688 "\\.\pipe\gecko-crash-server-pipe.5688" 21003272b10 utility
                                                                                                                                                                                                                                                                                                                                      Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                                                                      Disassembly

                                                                                                                                                                                                                                                                                                                                      Reset < >