Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
random.exe

Overview

General Information

Sample name:random.exe
Analysis ID:1639372
MD5:7b263841e989d2a9f7d156e74cb36e6f
SHA1:daf7c46fc057c7e3dc266faacf89652cc1cf9720
SHA256:6457881894861cb853a08b65e3b63b2916f317ce6730338f0508cf84f5f930e8
Tags:CredentialFlusherexeuser-aachum
Infos:

Detection

Credential Flusher
Score:76
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Credential Flusher
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Joe Sandbox ML detected suspicious sample
Connects to many different domains
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Drops PE files
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Process Tree

  • System is w10x64
  • random.exe (PID: 7536 cmdline: "C:\Users\user\Desktop\random.exe" MD5: 7B263841E989D2A9F7D156E74CB36E6F)
    • taskkill.exe (PID: 7552 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7560 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7648 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7656 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7716 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7724 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7780 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7788 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7844 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7852 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 7900 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 7932 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 7948 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 8156 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2248 -prefMapHandle 2240 -prefsLen 25359 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {40ce1d3d-1a10-4789-8b4b-bfd0ef91fb48} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 2461056e710 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7840 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3880 -parentBuildID 20230927232528 -prefsHandle 2908 -prefMapHandle 3868 -prefsLen 26374 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {961c2d05-76e8-4603-b7ab-31c7502fe9a7} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 2462254f810 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 8488 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5384 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1544 -prefMapHandle 2680 -prefsLen 33185 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {279e2cff-c7d4-4a7e-b94b-d843fff9af51} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 246216e6d10 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 8644 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 8660 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: random.exe PID: 7536JoeSecurity_CredentialFlusherYara detected Credential FlusherJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: random.exeAvira: detected
    Multi AV Scanner detection for submitted file
    Source: random.exeVirustotal: Detection: 33%Perma Link
    Source: random.exeReversingLabs: Detection: 36%
    Joe Sandbox ML detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.7% probability
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49735 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.4:49736 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.4:49738 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49748 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49759 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49758 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.4:49762 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.193.91:443 -> 192.168.2.4:49763 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49766 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49767 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49768 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.4:49769 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49776 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49775 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49777 version: TLS 1.2
    Source: Binary string: webauthn.pdb source: firefox.exe, 0000000D.00000003.1407361593.0000024623F01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: wininet.pdb source: firefox.exe, 0000000D.00000003.1405930474.000002462159B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: avrt.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.13.dr
    Source: Binary string: xWindows.Security.Integrity.pdb source: firefox.exe, 0000000D.00000003.1401356559.00000246227B0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1387088407.00000246227CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1401289168.00000246227CE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: kbdus.pdb source: firefox.exe, 0000000D.00000003.1387774106.000002461DCDB000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: xOneCoreUAPCommonProxyStub.pdb source: firefox.exe, 0000000D.00000003.1400735730.000002462298E000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winhttp.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.13.dr
    Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000D.00000003.1407361593.0000024623F01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000D.00000003.1405692778.00000246215F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1405930474.000002462159B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000D.00000003.1405692778.00000246215F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: kbdus.pdbGCTL source: firefox.exe, 0000000D.00000003.1387774106.000002461DCDB000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: sspicli.pdb source: firefox.exe, 0000000D.00000003.1405930474.000002462159B000.00000004.00000800.00020000.00000000.sdmp
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0079DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0076C2A2 FindFirstFileExW,0_2_0076C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A68EE FindFirstFileW,FindClose,0_2_007A68EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_007A698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0079D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0079D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A9642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_007A9642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_007A979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A9B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_007A9B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A5C97 FindFirstFileW,FindNextFileW,FindClose,0_2_007A5C97
    Source: firefox.exeMemory has grown: Private usage: 1MB later: 221MB
    Source: unknownNetwork traffic detected: DNS query count 33
    Source: Joe Sandbox ViewIP Address: 2.22.61.59 2.22.61.59
    Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
    Source: Joe Sandbox ViewIP Address: 34.49.51.44 34.49.51.44
    Source: Joe Sandbox ViewIP Address: 34.117.188.166 34.117.188.166
    Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007ACE44 InternetReadFile,SetEvent,GetLastError,SetEvent,0_2_007ACE44
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKContent-Length: 453023Accept-Ranges: bytesLast-Modified: Wed, 12 Mar 2025 04:19:28 GMTETag: 85430baed3398695717b0263807cf97cX-Timestamp: 1741753167.65917Content-Type: application/zipX-Trans-Id: tx8010bf916ad24497ab4a8-0067d34aa4dfw1Cache-Control: public, max-age=117347Expires: Sun, 16 Mar 2025 21:13:28 GMTDate: Sat, 15 Mar 2025 12:37:41 GMTConnection: keep-aliveData Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 8e 6f 7e 76 61 a8 ac 9f b9 d9 3c 5a 97 c6 31 2e 23 c3 8c 4f a0 65 19 99 a3 19 c6 44 93 eb 58 fc 8b 69 1d c3 24 69 6d 42 57 c6 c3 51 26 be ba c1 04 b7 cb d9 50 a3 d0 e5 c2 bc 9a 2c 4d e4 98 2c a8 bd 3a 89 63 ac d1 cc 2d e5 98 0d 12 5c 9f e5 98 ce 1b e1 fa 2a c7 d4 01 8a ce 2d 69 cc 9c 4b 8c 49 f6 d6 34 86 61 a3 0a 36 18 99 2a dd c5 eb 4f 76 3d b6 d2 05 57 cb d3 46 b5 43 48 bb 3e b6 8e 99 61 ca 27 af 78 f4 11 d7 23 40 66 8d 8e c2 64 d6 c1 75 a5 31 a6 9e 0d fe 4f 56 ab 31 6f 7d 1b 09 84 0e 67 c2 35 90 16 5f cf 33 b9 4a ad 48 69 04 5a 99 69 70 4d e7 2e 84 b7 62 b9 5a 11 86 81 f9 25 dc 47 94 8b 46 aa f7 d8 d2 e5 15 0c e5 11 f2 8a d2 f2 f8 05 f5 0a 2f ce 89 ff 33 ff 71 9b d9 4a af c7 d0 f2 b6 f6 6f de 03 b3 25 f7 67 d9 4e d2 2a 91 7d 12 d9 29 c9 33 0d 4e 25 f1 21 b7 91 71 2a a9 0b e0 e2 eb b8 8b 81 b4 f1 5e 49 9e 6d 90 c8 7e 07 09 f8 36 dd 85 23 e9 7e 2b fb c1 87 17 85 41 d1 7f 12 49 5d 72 03 c7 e4 78 b4 e2 b9 2a 82 3c 49 59 6a c9 96 da ec cc 70 30 18 8c 60 53 ae 4d 40 14 45 f7 8f 66 ea 3d ae 3b 21 cf 40 1e b0 f8 be 0d 45 c4 bb 05 45 bb be a3 fa 9e ad 1b 20 e1 9b 9c 30 1a 6e da 03 12 f1 4a 64 c8 b7 1c 64 d2 7f fd d6 06 bc 75 4d ec 2d 94 71 49 c6 6c 52 8e 07 7a 9a 07 3d 7d a8 a5 72 83 44 e6 58 4c 5a a7 ac 92 f2 78 b6 24 97 04 7c 63 a1 31 d2 63 55 6b 4d e6 26 d6 51 6e 5d ac fe 61 5d 74 fd 68 fa a1 2a d4 b4 21 b9 36 20 37 80 e4 4a 64 af 44 76 4b 4a 22 57 67 64 2a 25 6e 99 07 d2 bf 77 ab e9 f6 4a 6e 69 fb 69 6e 6d 72 9b 40 4d 85 24 27 5a c7 73 8c 04 ec 18 23 29 25 Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1Host: ciscobinary.openh264.orgUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: firefox.exe, 0000000D.00000003.1343217712.0000024628337000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000D.00000003.1403883118.0000024621A96000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.youtube.com/* equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000D.00000003.1347468870.000002462BCBA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1245294648.0000024621551000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1347468870.000002462BCBA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000D.00000003.1403883118.0000024621A96000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1347468870.000002462BCBA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1245294648.0000024621551000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1347468870.000002462BCBA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000D.00000003.1351917314.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1384724878.00000246239B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000D.00000003.1351917314.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1384724878.00000246239B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000D.00000003.1351917314.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1384724878.00000246239B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000D.00000003.1403883118.0000024621A96000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
    Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
    Source: global trafficDNS traffic detected: DNS query: youtube.com
    Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: example.org
    Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
    Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
    Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: shavar.prod.mozaws.net
    Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: support.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: us-west1.prod.sumo.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: www.youtube.com
    Source: global trafficDNS traffic detected: DNS query: www.facebook.com
    Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
    Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
    Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
    Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
    Source: global trafficDNS traffic detected: DNS query: www.reddit.com
    Source: global trafficDNS traffic detected: DNS query: twitter.com
    Source: global trafficDNS traffic detected: DNS query: dualstack.reddit.map.fastly.net
    Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: normandy.tombstone.experimenter.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: a19.dscg10.akamai.net
    Source: firefox.exe, 0000000D.00000003.1237129067.0000024621599000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237129067.0000024621593000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1236525592.00000246229CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1377768301.0000024623F8B000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1406794562.000002461DC3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
    Source: gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1377768301.0000024623F8B000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1406794562.000002461DC3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
    Source: gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
    Source: firefox.exe, 0000000D.00000003.1395658205.00000246288B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1401745291.00000246226D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1367351739.00000246288B0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1404204053.0000024621A63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
    Source: firefox.exe, 0000000D.00000003.1384724878.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1387581902.0000024622AD5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1385574964.0000024622AD5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1405133998.0000024621674000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1399659403.0000024622AD5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
    Source: firefox.exe, 0000000D.00000003.1236525592.00000246229CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
    Source: firefox.exe, 0000000D.00000003.1236525592.00000246229CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
    Source: firefox.exe, 0000000D.00000003.1370754871.000002462850A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1396852134.000002462850E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com;
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListenerFailed
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListenerThe
    Source: firefox.exe, 00000019.00000002.1381989504.00000283AA1A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1373187132.00000283AA1A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/common
    Source: firefox.exe, 00000019.00000002.1381855822.00000283AA162000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/dates-and-times
    Source: firefox.exe, 00000019.00000002.1381989504.00000283AA1A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1373187132.00000283AA1A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/math
    Source: firefox.exe, 00000019.00000002.1381855822.00000283AA162000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/regular-expressions
    Source: firefox.exe, 00000019.00000002.1381989504.00000283AA1A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1373187132.00000283AA1A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/sets
    Source: firefox.exe, 00000019.00000002.1379998154.000002839E90A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/strings
    Source: firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-04/schema#
    Source: firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-06/schema#
    Source: firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#-
    Source: firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1317555430.000002462A89E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
    Source: firefox.exe, 0000000D.00000003.1231040406.0000024622DDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1369439721.000002462863C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1365611634.0000024628C29000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1229339255.0000024628A86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1320864298.00000246283E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1403438017.0000024621AB3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1250338429.0000024621888000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1327146276.0000024621823000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1351917314.0000024623964000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1324313258.0000024628A84000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1326585981.0000024621823000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1199724200.00000246206FA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1199724200.00000246206EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1312454282.0000024620D9E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1341838472.00000246206FA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1318925494.0000024628A07000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1317801469.00000246283E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1325027438.0000024621839000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.0000024623964000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1351433969.000002462863C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1372275681.0000024623945000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ocsp.digicert.com0C
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ocsp.digicert.com0N
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1377768301.0000024623F8B000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1406794562.000002461DC3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
    Source: gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ocsp.thawte.com0
    Source: firefox.exe, 0000000D.00000003.1373258245.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1353622577.0000024622ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0
    Source: firefox.exe, 0000000D.00000003.1350643331.0000024628681000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0.
    Source: firefox.exe, 0000000D.00000003.1350643331.0000024628681000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0W
    Source: firefox.exe, 0000000D.00000003.1373258245.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350643331.0000024628681000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1353622577.0000024622ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
    Source: gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
    Source: gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
    Source: gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
    Source: gmpopenh264.dll.tmp.13.drString found in binary or memory: http://www.mozilla.com0
    Source: firefox.exe, 0000000D.00000003.1236669970.00000246227A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1376067507.0000024622AD5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1355003727.0000024622AD5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1231040406.0000024622D41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1385574964.0000024622AE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1236669970.000002462277C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1401557485.000002462277C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1387581902.0000024622AE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
    Source: firefox.exe, 0000000D.00000003.1236669970.00000246227A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul8
    Source: firefox.exe, 00000010.00000003.1228274862.0000028DFC43C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000003.1226922770.0000028DFC43C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2391350809.0000028DFC43C000.00000004.00000020.00020000.00000000.sdmp, mozilla-temp-41.13.drString found in binary or memory: http://www.videolan.org/x264.html
    Source: firefox.exe, 0000000D.00000003.1373258245.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350643331.0000024628681000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1353622577.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
    Source: firefox.exe, 0000000D.00000003.1373258245.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350643331.0000024628681000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1353622577.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
    Source: firefox.exe, 0000000D.00000003.1349682119.0000024628C52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://youtube.com/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
    Source: firefox.exe, 0000000D.00000003.1405930474.00000246215B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://MD8.mozilla.org/1/m
    Source: firefox.exe, 0000000D.00000003.1190894965.000002462023C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190745586.000002462021F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191180020.0000024620277000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191032429.000002462025A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
    Source: firefox.exe, 0000000D.00000003.1351917314.000002462397C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.000002462397C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.c
    Source: firefox.exe, 0000000D.00000003.1347468870.000002462BCC8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1393022030.000002462BCCA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
    Source: firefox.exe, 0000000D.00000003.1351869819.00000246285DF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
    Source: firefox.exe, 0000000D.00000003.1383327895.0000024628909000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
    Source: firefox.exe, 0000000D.00000003.1316156666.0000024621B83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1315593954.0000024621B43000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1313889314.0000024621B13000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1296330342.0000024621933000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1332892589.0000024621933000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1313889314.0000024621BB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1335691698.0000024621BBD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1293943205.000002462192E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1262887639.000002462192F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
    Source: firefox.exe, 0000000D.00000003.1405133998.0000024621695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://allegro.pl/
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
    Source: firefox.exe, 0000000D.00000003.1349022539.0000024628C72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
    Source: firefox.exe, 0000000D.00000003.1349022539.0000024628C72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
    Source: firefox.exe, 0000000D.00000003.1380370910.000002462BC4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1347851288.000002462BC46000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1367532778.000002462889B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.000002462888F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1347340899.000002462C2C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1388115279.000002462C2CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1404559015.00000246216C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1362547057.000002462BC46000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
    Source: firefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
    Source: firefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
    Source: firefox.exe, 0000000D.00000003.1379818511.000002462C352000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
    Source: firefox.exe, 0000000D.00000003.1261080715.0000024621452000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266
    Source: firefox.exe, 0000000D.00000003.1261080715.0000024621452000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1193802
    Source: firefox.exe, 0000000D.00000003.1261080715.0000024621452000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1261080715.0000024621443000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1293943205.000002462192E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
    Source: firefox.exe, 0000000D.00000003.1261080715.0000024621443000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1293943205.000002462192E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220
    Source: firefox.exe, 0000000D.00000003.1261080715.0000024621452000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
    Source: firefox.exe, 0000000D.00000003.1261080715.0000024621452000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1261522975.000002462145B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1261080715.0000024621443000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448
    Source: firefox.exe, 0000000D.00000003.1358332976.00000246217CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1694699#c21
    Source: firefox.exe, 0000000D.00000003.1261080715.0000024621452000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=792480
    Source: firefox.exe, 0000000D.00000003.1261080715.0000024621452000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1261080715.0000024621443000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1293943205.000002462192E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
    Source: firefox.exe, 0000000D.00000003.1261080715.0000024621443000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1293943205.000002462192E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=840161
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
    Source: firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190894965.000002462023C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190745586.000002462021F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191180020.0000024620277000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191032429.000002462025A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
    Source: firefox.exe, 0000000D.00000003.1349682119.0000024628C52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
    Source: firefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg
    Source: firefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
    Source: firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.000002462888F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1367622971.0000024628891000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
    Source: firefox.exe, 0000000D.00000003.1388853200.00000246289D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
    Source: firefox.exe, 0000000D.00000003.1388853200.00000246289D3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
    Source: firefox.exe, 0000000D.00000003.1348629587.000002462AB9A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA2AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabPlease
    Source: firefox.exe, 0000000D.00000003.1348629587.000002462AB9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1363785352.000002462AB9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA2AE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureOffscreenCanvas.toBlob()
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureRequest
    Source: firefox.exe, 0000000D.00000003.1348629587.000002462AB9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1363785352.000002462AB9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureWebExtensionUncheckedLastErr
    Source: firefox.exe, 00000019.00000003.1367839933.00000283AA2AE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarning
    Source: firefox.exe, 0000000D.00000003.1348629587.000002462AB9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1363785352.000002462AB9F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarningElem
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureInstallTrigger.install()
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#EncryptionPreventDefaultFromP
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryptiondocument.requestSto
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnored
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingTrying
    Source: firefox.exe, 0000000D.00000003.1244685407.00000246216D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
    Source: firefox.exe, 0000000D.00000003.1190894965.000002462023C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190745586.000002462021F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191180020.0000024620277000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191032429.000002462025A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
    Source: firefox.exe, 0000000D.00000003.1193256488.000002461FE19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1192461100.000002461FE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1194019625.000002461FE33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000000D.00000003.1193256488.000002461FE19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1192461100.000002461FE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1194019625.000002461FE33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
    Source: firefox.exe, 0000000D.00000003.1348629587.000002462AB9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1363785352.000002462AB9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/SelectOptionsLengthAssignmentW
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/initMouseEvent()
    Source: firefox.exe, 00000016.00000002.2385900510.000001B237C13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
    Source: firefox.exe, 0000000D.00000003.1239099219.0000024620B5B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1239825309.0000024620B73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
    Source: firefox.exe, 00000019.00000002.1383697106.00000283AA8A0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/performance/scroll-linked_effects.html
    Source: firefox.exe, 0000000D.00000003.1346177254.000002462C3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1361939529.000002462C3F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
    Source: firefox.exe, 0000000D.00000003.1395414457.00000246288DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/
    Source: firefox.exe, 0000000D.00000003.1346789017.000002462C383000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
    Source: firefox.exe, 00000016.00000002.2385900510.000001B237C13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
    Source: firefox.exe, 00000016.00000002.2385900510.000001B237CC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
    Source: firefox.exe, 00000016.00000002.2385900510.000001B237CC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
    Source: firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1374246704.0000024622D41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1231040406.0000024622D67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1398957712.0000024622D68000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB72F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385900510.000001B237C30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
    Source: firefox.exe, 00000016.00000002.2385900510.000001B237CC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
    Source: firefox.exe, 0000000D.00000003.1396047846.000002462859C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
    Source: firefox.exe, 0000000D.00000003.1383327895.0000024628909000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
    Source: firefox.exe, 00000016.00000002.2385900510.000001B237CC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
    Source: firefox.exe, 0000000D.00000003.1396047846.000002462859C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
    Source: firefox.exe, 0000000D.00000003.1396047846.000002462859C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
    Source: firefox.exe, 0000000D.00000003.1396047846.000002462859C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
    Source: firefox.exe, 0000000D.00000003.1190894965.000002462023C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190745586.000002462021F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191180020.0000024620277000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191032429.000002462025A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
    Source: firefox.exe, 0000000D.00000003.1396047846.000002462859C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
    Source: firefox.exe, 0000000D.00000003.1293943205.0000024621984000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1404064397.0000024621A86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
    Source: firefox.exe, 0000000D.00000003.1388200900.000002462C287000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
    Source: firefox.exe, 0000000D.00000003.1404425623.0000024621A42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
    Source: firefox.exe, 0000000D.00000003.1388200900.000002462C287000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
    Source: firefox.exe, 0000000D.00000003.1388200900.000002462C287000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
    Source: firefox.exe, 0000000D.00000003.1388200900.000002462C287000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
    Source: firefox.exe, 0000000D.00000003.1388200900.000002462C287000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
    Source: firefox.exe, 0000000D.00000003.1382897373.000002462895E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
    Source: prefs-1.js.13.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi
    Source: firefox.exe, 0000000D.00000003.1394969501.00000246296DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382298563.00000246296B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
    Source: firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385900510.000001B237CF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
    Source: firefox.exe, 0000000D.00000003.1363330991.000002462AD50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/metrics/1/e79e280d-6e3f-47c3-8d95-a4a1
    Source: firefox.exe, 00000016.00000002.2385900510.000001B237CF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submitSw
    Source: firefox.exe, 0000000D.00000003.1396047846.000002462859C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
    Source: firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema.
    Source: firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema./
    Source: firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/
    Source: firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/=
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
    Source: firefox.exe, 0000000D.00000003.1237673755.00000246209FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
    Source: firefox.exe, 0000000D.00000003.1237524602.0000024621575000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
    Source: firefox.exe, 0000000D.00000003.1351917314.000002462397C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.000002462397C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
    Source: firefox.exe, 0000000D.00000003.1373258245.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1351917314.000002462397C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.000002462397C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1353622577.0000024622ED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
    Source: firefox.exe, 0000000D.00000003.1193256488.000002461FE19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1192461100.000002461FE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1194019625.000002461FE33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
    Source: firefox.exe, 0000000D.00000003.1193256488.000002461FE19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1192461100.000002461FE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1194019625.000002461FE33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
    Source: firefox.exe, 0000000D.00000003.1193256488.000002461FE19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1192461100.000002461FE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1194019625.000002461FE33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
    Source: firefox.exe, 00000010.00000002.2386179754.0000028DFB786000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385900510.000001B237C8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
    Source: firefox.exe, 0000000D.00000003.1250338429.0000024621888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mochitest.youtube.com/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
    Source: firefox.exe, 0000000D.00000003.1193256488.000002461FE19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1192461100.000002461FE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1194019625.000002461FE33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
    Source: firefox.exe, 0000000D.00000003.1249045807.000002462188C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1250338429.0000024621888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://play.hbomax.com/page/
    Source: firefox.exe, 0000000D.00000003.1249045807.000002462188C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1250338429.0000024621888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://play.hbomax.com/player/
    Source: firefox.exe, 0000000D.00000003.1193256488.000002461FE19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1192461100.000002461FE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1194019625.000002461FE33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
    Source: firefox.exe, 0000000D.00000003.1362547057.000002462BC58000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com/
    Source: firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
    Source: firefox.exe, 0000000D.00000003.1404559015.00000246216C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
    Source: firefox.exe, 0000000D.00000003.1404559015.00000246216C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2&
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
    Source: firefox.exe, 0000000D.00000003.1386080490.0000024622A24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
    Source: firefox.exe, 0000000D.00000003.1404559015.00000246216C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=AIzaSyC7jsptDS
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
    Source: firefox.exe, 0000000D.00000003.1404559015.00000246216C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=AIzaSy
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
    Source: firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
    Source: firefox.exe, 0000000D.00000003.1244685407.00000246216D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
    Source: firefox.exe, 0000000D.00000003.1403438017.0000024621AB3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
    Source: firefox.exe, 0000000D.00000003.1405133998.0000024621645000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com
    Source: firefox.exe, 0000000D.00000003.1393536619.000002462B389000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000D.00000003.1393536619.000002462B389000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=118.0&pver=2.2
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000D.00000003.1240112991.0000024621575000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1245178811.0000024621575000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237524602.0000024621575000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svg
    Source: firefox.exe, 0000000D.00000003.1405692778.00000246215BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237129067.00000246215BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1240112991.00000246215B9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244834115.00000246215B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svg
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
    Source: firefox.exe, 0000000D.00000003.1367714036.000002462888F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.000002462888F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1389063248.000002462888F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
    Source: firefox.exe, 00000016.00000002.2385900510.000001B237C13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
    Source: firefox.exe, 0000000D.00000003.1388853200.00000246289D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
    Source: firefox.exe, 0000000D.00000003.1396441149.0000024628555000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1396047846.000002462859C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370754871.0000024628555000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385900510.000001B237CF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
    Source: firefox.exe, 0000000D.00000003.1405133998.0000024621695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
    Source: firefox.exe, 0000000D.00000003.1405133998.0000024621695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
    Source: firefox.exe, 0000000D.00000003.1400735730.000002462298E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1379818511.000002462C38A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1346789017.000002462C383000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
    Source: firefox.exe, 0000000D.00000003.1354963967.0000024622AF3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1367532778.000002462889B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.000002462888F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1403883118.0000024621A96000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1375974844.0000024622AF3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1404152033.0000024621A7A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
    Source: firefox.exe, 0000000D.00000003.1392376294.000002462C2E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaPlatformDecoderNotFound
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaWMFNeeded
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsThe
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsUse
    Source: firefox.exe, 0000000D.00000003.1318480238.00000246238AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
    Source: firefox.exe, 0000000D.00000003.1351917314.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1384724878.00000246239B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1397581466.00000246239BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
    Source: firefox.exe, 0000000D.00000003.1392376294.000002462C2E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.zvXrErQ5GYDF
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
    Source: firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
    Source: firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
    Source: firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
    Source: firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
    Source: firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
    Source: firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
    Source: firefox.exe, 0000000D.00000003.1396047846.000002462859C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://weibo.com/
    Source: firefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.co.uk/
    Source: firefox.exe, 0000000D.00000003.1347468870.000002462BCBA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
    Source: firefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
    Source: firefox.exe, 0000000D.00000003.1240112991.0000024621599000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237574502.0000024621556000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
    Source: firefox.exe, 0000000D.00000003.1354963967.0000024622AF3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.000002462888F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/?field-keywords=&ie=UTF-8&mode=blended&tag=mozill
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.de/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.fr/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.avito.ru/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.bbc.co.uk/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ctrip.com/
    Source: firefox.exe, 0000000D.00000003.1378089194.000002461DC93000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: https://www.digicert.com/CPS0
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.co.uk/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.de/
    Source: firefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://www.expedia.com/?locale=en_US&siteid=1&semcid=US.UB.ADMARKETPLACE.GT-C-EN.HOTEL&SEMDTL=a1219
    Source: firefox.exe, 0000000D.00000003.1364464421.0000024628CA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1369803352.0000024628617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
    Source: firefox.exe, 0000000D.00000003.1382897373.000002462895E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
    Source: firefox.exe, 0000000D.00000003.1349022539.0000024628C72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
    Source: firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190894965.000002462023C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190745586.000002462021F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191180020.0000024620277000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191032429.000002462025A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
    Source: firefox.exe, 0000000D.00000003.1349022539.0000024628C72000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1245294648.0000024621555000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237574502.0000024621556000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
    Source: firefox.exe, 0000000D.00000003.1249045807.000002462188C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1250338429.0000024621888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hulu.com/watch/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ifeng.com/
    Source: firefox.exe, 0000000D.00000003.1249045807.000002462188C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1250338429.0000024621888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.instagram.com/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.leboncoin.fr/
    Source: firefox.exe, 0000000D.00000003.1399862856.00000246229C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1399862856.00000246229C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1390730704.00000246229CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1386164631.00000246229CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
    Source: firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
    Source: firefox.exe, 0000000D.00000003.1392376294.000002462C2E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2
    Source: firefox.exe, 0000000D.00000003.1239099219.0000024620B5B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1239825309.0000024620B73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
    Source: firefox.exe, 0000000D.00000003.1392376294.000002462C2E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR
    Source: firefox.exe, 0000000D.00000003.1347119749.000002462C2D7000.00000004.00000800.00020000.00000000.sdmp, targeting.snapshot.json.tmp.13.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
    Source: firefox.exe, 0000000D.00000003.1388584000.0000024628CAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1347119749.000002462C2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1392376294.000002462C2E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
    Source: firefox.exe, 0000000D.00000003.1392376294.000002462C2E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
    Source: firefox.exe, 00000010.00000002.2386179754.0000028DFB7C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385900510.000001B237CF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
    Source: firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 0000000D.00000003.1365769725.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1382640501.000002462899B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
    Source: firefox.exe, 0000000D.00000003.1347119749.000002462C2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1392376294.000002462C2E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
    Source: firefox.exe, 0000000D.00000003.1351917314.000002462397C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.000002462397C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.olx.pl/
    Source: firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
    Source: firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
    Source: firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1398012890.00000246239B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB703000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385900510.000001B237C0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.zhihu.com/
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
    Source: firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warningThe
    Source: firefox.exe, 0000000D.00000003.1351917314.00000246239E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com
    Source: firefox.exe, 0000000D.00000003.1384724878.00000246239E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1397581466.00000246239E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.00000246239E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1401745291.00000246226ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1396441149.0000024628522000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1351917314.00000246239E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370754871.0000024628522000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/
    Source: recovery.jsonlz4.tmp.13.drString found in binary or memory: https://youtube.com/account?=
    Source: firefox.exe, 00000016.00000002.2385313399.000001B237B60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/sig
    Source: firefox.exe, 00000016.00000002.2382981532.000001B2378CA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challengN
    Source: firefox.exe, 0000000D.00000003.1397581466.00000246239FC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1256813449.000002462197E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384971749.0000025AA54C4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2383325533.0000025AA52EA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2381927285.0000028DFB38A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2385448438.0000028DFB6E4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385313399.000001B237B64000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2382981532.000001B2378C0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2382981532.000001B2378CA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000B.00000002.1173604971.000002A2701E0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.1186201902.000001B9A5697000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd--no-default-browser
    Source: firefox.exe, 0000000D.00000003.1379370313.000002461DCDC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384971749.0000025AA54C4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2383325533.0000025AA52E0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2381927285.0000028DFB380000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2385448438.0000028DFB6E4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385313399.000001B237B64000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2382981532.000001B2378C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_RE
    Source: firefox.exe, 00000010.00000002.2381927285.0000028DFB380000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwddN0
    Source: firefox.exe, 0000000E.00000002.2383325533.0000025AA52E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdnO
    Source: firefox.exe, 00000010.00000002.2381927285.0000028DFB38A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdpN0
    Source: firefox.exe, 0000000E.00000002.2383325533.0000025AA52EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdzO
    Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
    Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
    Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
    Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
    Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
    Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
    Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
    Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
    Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
    Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
    Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
    Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
    Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
    Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49735 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.4:49736 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.4:49738 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49748 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49759 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49758 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.4:49762 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.193.91:443 -> 192.168.2.4:49763 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49766 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49767 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.4:49768 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.4:49769 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49776 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49775 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.4:49777 version: TLS 1.2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007AEAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_007AEAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007AED6A OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,0_2_007AED6A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007AEAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_007AEAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079AA57 GetKeyboardState,SetKeyboardState,PostMessageW,SendInput,0_2_0079AA57
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007C9576 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,0_2_007C9576

    System Summary

    barindex
    Binary is likely a compiled AutoIt script file
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.
    Source: random.exe, 00000000.00000002.1217230238.00000000007F2000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_9af6cef9-0
    Source: random.exe, 00000000.00000002.1217230238.00000000007F2000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_77db2439-f
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.memstr_a19b16c9-9
    Source: random.exeString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_22fea231-9
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 16_2_0000028DFB6C2377 NtQuerySystemInformation,16_2_0000028DFB6C2377
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 16_2_0000028DFB6F4C32 NtQuerySystemInformation,16_2_0000028DFB6F4C32
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079D5EB: CreateFileW,DeviceIoControl,CloseHandle,0_2_0079D5EB
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00791201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00791201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079E8F6 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,0_2_0079E8F6
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007380600_2_00738060
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A20460_2_007A2046
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007982980_2_00798298
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0076E4FF0_2_0076E4FF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0076676B0_2_0076676B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007C48730_2_007C4873
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0073CAF00_2_0073CAF0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0075CAA00_2_0075CAA0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0074CC390_2_0074CC39
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00766DD90_2_00766DD9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0074B1190_2_0074B119
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007391C00_2_007391C0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007513940_2_00751394
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007517060_2_00751706
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0075781B0_2_0075781B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0074997D0_2_0074997D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007379200_2_00737920
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007519B00_2_007519B0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00757A4A0_2_00757A4A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00751C770_2_00751C77
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00757CA70_2_00757CA7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007BBE440_2_007BBE44
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00769EEE0_2_00769EEE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00751F320_2_00751F32
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 16_2_0000028DFB6C237716_2_0000028DFB6C2377
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 16_2_0000028DFB6F4C3216_2_0000028DFB6F4C32
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 16_2_0000028DFB6F535C16_2_0000028DFB6F535C
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 16_2_0000028DFB6F4C7216_2_0000028DFB6F4C72
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00750A30 appears 46 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00739CB3 appears 31 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 0074F9F2 appears 40 times
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: classification engineClassification label: mal76.troj.evad.winEXE@37/41@72/14
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A37B5 GetLastError,FormatMessageW,0_2_007A37B5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007910BF AdjustTokenPrivileges,CloseHandle,0_2_007910BF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007916C3 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,0_2_007916C3
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A51CD SetErrorMode,GetDiskFreeSpaceExW,SetErrorMode,0_2_007A51CD
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079D4DC CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,0_2_0079D4DC
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A648E _wcslen,CoInitialize,CoCreateInstance,CoUninitialize,0_2_007A648E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007342A2 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,0_2_007342A2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246Jump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7724:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7560:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7656:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7852:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7788:120:WilError_03
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
    Source: random.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
    Source: C:\Users\user\Desktop\random.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: firefox.exe, 0000000D.00000003.1362267498.000002462C2A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1369803352.0000024628617000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
    Source: firefox.exe, 0000000D.00000003.1362267498.000002462C2A5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
    Source: firefox.exe, 0000000D.00000003.1362267498.000002462C2A5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
    Source: firefox.exe, 0000000D.00000003.1362267498.000002462C2A5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
    Source: firefox.exe, 0000000D.00000003.1350643331.00000246286A1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;
    Source: firefox.exe, 0000000D.00000003.1362267498.000002462C2A5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
    Source: firefox.exe, 0000000D.00000003.1362267498.000002462C2A5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
    Source: firefox.exe, 0000000D.00000003.1362267498.000002462C2A5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
    Source: firefox.exe, 0000000D.00000003.1362267498.000002462C2A5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
    Source: firefox.exe, 0000000D.00000003.1362267498.000002462C2A5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
    Source: random.exeVirustotal: Detection: 33%
    Source: random.exeReversingLabs: Detection: 36%
    Source: unknownProcess created: C:\Users\user\Desktop\random.exe "C:\Users\user\Desktop\random.exe"
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2248 -prefMapHandle 2240 -prefsLen 25359 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {40ce1d3d-1a10-4789-8b4b-bfd0ef91fb48} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 2461056e710 socket
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3880 -parentBuildID 20230927232528 -prefsHandle 2908 -prefMapHandle 3868 -prefsLen 26374 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {961c2d05-76e8-4603-b7ab-31c7502fe9a7} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 2462254f810 rdd
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5384 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1544 -prefMapHandle 2680 -prefsLen 33185 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {279e2cff-c7d4-4a7e-b94b-d843fff9af51} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 246216e6d10 utility
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2248 -prefMapHandle 2240 -prefsLen 25359 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {40ce1d3d-1a10-4789-8b4b-bfd0ef91fb48} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 2461056e710 socketJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3880 -parentBuildID 20230927232528 -prefsHandle 2908 -prefMapHandle 3868 -prefsLen 26374 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {961c2d05-76e8-4603-b7ab-31c7502fe9a7} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 2462254f810 rddJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5384 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1544 -prefMapHandle 2680 -prefsLen 33185 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {279e2cff-c7d4-4a7e-b94b-d843fff9af51} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 246216e6d10 utilityJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdateJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wsock32.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: version.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wininet.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile written: C:\Users\user\AppData\Roaming\Mozilla\Firefox\installs.iniJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: Binary string: webauthn.pdb source: firefox.exe, 0000000D.00000003.1407361593.0000024623F01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: wininet.pdb source: firefox.exe, 0000000D.00000003.1405930474.000002462159B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: avrt.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.13.dr
    Source: Binary string: xWindows.Security.Integrity.pdb source: firefox.exe, 0000000D.00000003.1401356559.00000246227B0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1387088407.00000246227CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1401289168.00000246227CE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: kbdus.pdb source: firefox.exe, 0000000D.00000003.1387774106.000002461DCDB000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: xOneCoreUAPCommonProxyStub.pdb source: firefox.exe, 0000000D.00000003.1400735730.000002462298E000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winhttp.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.13.dr
    Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000D.00000003.1407361593.0000024623F01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000D.00000003.1405692778.00000246215F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1405930474.000002462159B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000D.00000003.1405692778.00000246215F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000D.00000003.1405643229.0000024621636000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: kbdus.pdbGCTL source: firefox.exe, 0000000D.00000003.1387774106.000002461DCDB000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: sspicli.pdb source: firefox.exe, 0000000D.00000003.1405930474.000002462159B000.00000004.00000800.00020000.00000000.sdmp
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007342DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_007342DE
    Source: gmpopenh264.dll.tmp.13.drStatic PE information: section name: .rodata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00750A76 push ecx; ret 0_2_00750A89
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpJump to dropped file
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)Jump to dropped file
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0074F98E GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,0_2_0074F98E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007C1C41 IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,0_2_007C1C41
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

    Malware Analysis System Evasion

    barindex
    Found API chain indicative of sandbox detection
    Source: C:\Users\user\Desktop\random.exeSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_0-96912
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 16_2_0000028DFB6C2377 rdtsc 16_2_0000028DFB6C2377
    Source: C:\Users\user\Desktop\random.exeAPI coverage: 3.8 %
    Source: C:\Users\user\Desktop\random.exe TID: 7540Thread sleep count: 103 > 30Jump to behavior
    Source: C:\Users\user\Desktop\random.exe TID: 7540Thread sleep count: 143 > 30Jump to behavior
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0079DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0076C2A2 FindFirstFileExW,0_2_0076C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A68EE FindFirstFileW,FindClose,0_2_007A68EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_007A698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0079D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0079D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A9642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_007A9642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_007A979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A9B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_007A9B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007A5C97 FindFirstFileW,FindNextFileW,FindClose,0_2_007A5C97
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007342DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_007342DE
    Source: firefox.exe, 00000019.00000002.1380940038.00000283A0643000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW8b8
    Source: firefox.exe, 00000010.00000002.2389716368.0000028DFBD60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW6634-1002_Classes
    Source: firefox.exe, 00000016.00000002.2382981532.000001B2378CA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0L
    Source: random.exe, 00000000.00000003.1215392049.0000000001083000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.1213673618.000000000107F000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.1216776076.00000000010B9000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.1215568930.00000000010B5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW.
    Source: firefox.exe, 0000000E.00000002.2383325533.0000025AA52EA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0
    Source: random.exe, 00000000.00000003.1215392049.0000000001083000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.1213673618.000000000107F000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000002.1218137419.0000000001096000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.1215835264.000000000108F000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2383325533.0000025AA52EA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000019.00000002.1380940038.00000283A060A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000019.00000002.1380940038.00000283A05E4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: firefox.exe, 0000000E.00000002.2389499032.0000025AA5718000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
    Source: firefox.exe, 00000016.00000002.2389249657.000001B237D00000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWZ
    Source: firefox.exe, 00000010.00000002.2381927285.0000028DFB38A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW^
    Source: firefox.exe, 00000010.00000002.2389716368.0000028DFBD60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll!c
    Source: random.exe, 00000000.00000003.1209876230.0000000001298000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000002.1218546089.000000000129B000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2390336353.0000025AA5808000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2389716368.0000028DFBD60000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000019.00000002.1380940038.00000283A060A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: C:\Users\user\Desktop\random.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 16_2_0000028DFB6C2377 rdtsc 16_2_0000028DFB6C2377
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007AEAA2 BlockInput,0_2_007AEAA2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00762622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00762622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007342DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_007342DE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00754CE8 mov eax, dword ptr fs:[00000030h]0_2_00754CE8
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00790B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00790B62
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00762622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00762622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0075083F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_0075083F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007509D5 SetUnhandledExceptionFilter,0_2_007509D5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00750C21 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00750C21
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00791201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00791201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00772BA5 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,0_2_00772BA5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0079B226 SendInput,keybd_event,0_2_0079B226
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007B22DA GetForegroundWindow,GetDesktopWindow,GetWindowRect,mouse_event,GetCursorPos,mouse_event,0_2_007B22DA
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "c:\program files\mozilla firefox\firefox.exe" --moz_log sync,prependheader,timestamp,append,maxsize:1,dump:5 --moz_log_file c:\programdata\mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046b0af4a39cb\backgroundupdate.moz_log --backgroundtask backgroundupdate
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00790B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00790B62
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00791663 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,0_2_00791663
    Source: random.exeBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
    Source: random.exeBinary or memory string: Shell_TrayWnd
    Source: firefox.exe, 0000000D.00000003.1360422615.0000024623F4C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: hSoftware\Policies\Microsoft\Windows\PersonalizationNoChangingStartMenuBackgroundPersonalColors_BackgroundWilStaging_02RtlDisownModuleHeapAllocationRtlQueryFeatureConfigurationRtlRegisterFeatureConfigurationChangeNotificationRtlSubscribeWnfStateChangeNotificationRtlDllShutdownInProgressntdll.dllNtQueryWnfStateDataLocal\SM0:%d:%d:%hs_p0Local\SessionImmersiveColorPreferenceBEGINTHMthmfile\Sessions\%d\Windows\ThemeSectionMessageWindowendthemewndThemeApiConnectionRequest\ThemeApiPortwinsta0SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\PersonalizeAppsUseLightThemeSystemUsesLightThemedefaultshell\themes\uxtheme\render.cppCompositedWindow::WindowdeletedrcacheMDIClientSoftware\Microsoft\Windows\DWMColorPrevalenceSoftware\Microsoft\Windows\CurrentVersion\ImmersiveShellTabletModeMENUAccentColorSoftware\Microsoft\Windows\CurrentVersion\Explorer\AccentDefaultStartColorControl Panel\DesktopAutoColorizationAccentColorMenuStartColorMenuAutoColorSoftware\Microsoft\Windows\CurrentVersion\Themes\History\ColorsSoftware\Microsoft\Windows\CurrentVersion\Themes\HistoryAccentPaletteTab$Shell_TrayWndLocal\SessionImmersiveColorMutex
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00750698 cpuid 0_2_00750698
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0078D21C GetLocalTime,0_2_0078D21C
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0078D27A GetUserNameW,0_2_0078D27A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0076B952 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_0076B952
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007342DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_007342DE

    Stealing of Sensitive Information

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 7536, type: MEMORYSTR
    Source: random.exeBinary or memory string: WIN_81
    Source: random.exeBinary or memory string: WIN_XP
    Source: random.exeBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
    Source: random.exeBinary or memory string: WIN_XPe
    Source: random.exeBinary or memory string: WIN_VISTA
    Source: random.exeBinary or memory string: WIN_7
    Source: random.exeBinary or memory string: WIN_8

    Remote Access Functionality

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 7536, type: MEMORYSTR
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007B1204 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,0_2_007B1204
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_007B1806 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,0_2_007B1806

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire Infrastructure2
    Valid Accounts    		1
    Windows Management Instrumentation    		1
    DLL Side-Loading    		1
    Exploitation for Privilege Escalation    		2
    Disable or Modify Tools    		21
    Input Capture    		2
    System Time Discovery    		Remote Services1
    Archive Collected Data    		3
    Ingress Tool Transfer    		Exfiltration Over Other Network Medium1
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts1
    Native API    		2
    Valid Accounts    		1
    DLL Side-Loading    		1
    Deobfuscate/Decode Files or Information    		LSASS Memory1
    Account Discovery    		Remote Desktop Protocol21
    Input Capture    		12
    Encrypted Channel    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain Accounts1
    Command and Scripting Interpreter    		Logon Script (Windows)1
    Extra Window Memory Injection    		2
    Obfuscated Files or Information    		Security Account Manager3
    File and Directory Discovery    		SMB/Windows Admin Shares3
    Clipboard Data    		3
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
    Valid Accounts    		1
    DLL Side-Loading    		NTDS16
    System Information Discovery    		Distributed Component Object ModelInput Capture4
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script21
    Access Token Manipulation    		1
    Extra Window Memory Injection    		LSA Secrets131
    Security Software Discovery    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts2
    Process Injection    		1
    Masquerading    		Cached Domain Credentials11
    Virtualization/Sandbox Evasion    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items2
    Valid Accounts    		DCSync3
    Process Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job11
    Virtualization/Sandbox Evasion    		Proc Filesystem1
    Application Window Discovery    		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
    Access Token Manipulation    		/etc/passwd and /etc/shadow1
    System Owner/User Discovery    		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
    IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron2
    Process Injection    		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1639372 Sample: random.exe Startdate: 15/03/2025 Architecture: WINDOWS Score: 76 49 youtube.com 2->49 51 youtube-ui.l.google.com 2->51 53 38 other IPs or domains 2->53 61 Antivirus / Scanner detection for submitted sample 2->61 63 Multi AV Scanner detection for submitted file 2->63 65 Yara detected Credential Flusher 2->65 67 2 other signatures 2->67 8 random.exe 2->8         started        11 firefox.exe 1 2->11         started        13 firefox.exe 1 2->13         started        signatures3 process4 signatures5 69 Binary is likely a compiled AutoIt script file 8->69 71 Found API chain indicative of sandbox detection 8->71 15 taskkill.exe 1 8->15         started        17 taskkill.exe 1 8->17         started        19 taskkill.exe 1 8->19         started        27 3 other processes 8->27 21 firefox.exe 3 221 11->21         started        25 firefox.exe 33 13->25         started        process6 dnsIp7 29 conhost.exe 15->29         started        31 conhost.exe 17->31         started        33 conhost.exe 19->33         started        55 youtube.com 142.250.185.110, 443, 49726, 49727 GOOGLEUS United States 21->55 57 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49728, 49734, 49739 GOOGLEUS United States 21->57 59 12 other IPs or domains 21->59 45 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32+ 21->45 dropped 47 C:\Users\user\...\gmpopenh264.dll (copy), PE32+ 21->47 dropped 35 firefox.exe 1 21->35         started        37 firefox.exe 1 21->37         started        39 firefox.exe 1 21->39         started        41 conhost.exe 27->41         started        43 conhost.exe 27->43         started        file8 process9

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    random.exe34%VirustotalBrowse
    random.exe36%ReversingLabsWin32.PUA.Generic
    random.exe100%AviraTR/ATRAPS.Gen

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%ReversingLabs

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    http://detectportal.firefox.com;0%Avira URL Cloudsafe
    https://tracking-protection-issues.herokuapp.com/new0%Avira URL Cloudsafe
    https://xhr.spec.whatwg.org/#sync-warning0%Avira URL Cloudsafe
    http://www.mozilla.com00%Avira URL Cloudsafe
    https://identity.mozilla.com/ids/ecosystem_telemetryU0%Avira URL Cloudsafe
    http://exslt.org/dates-and-times0%Avira URL Cloudsafe
    http://127.0.0.1:0%Avira URL Cloudsafe
    https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-1520%Avira URL Cloudsafe
    https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f0%Avira URL Cloudsafe
    http://exslt.org/sets0%Avira URL Cloudsafe
    https://mozilla.cloudflare-dns.com/dns-query0%Avira URL Cloudsafe
    https://coverage.mozilla.org0%Avira URL Cloudsafe
    https://identity.mozilla.com/apps/relay0%Avira URL Cloudsafe
    http://exslt.org/strings0%Avira URL Cloudsafe
    https://blocked.cdn.mozilla.net/0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    example.org
    		96.7.128.192
    		truefalse
      		high
      star-mini.c10r.facebook.com
      		157.240.253.35
      		truefalse
        		high
        prod.classify-client.prod.webservices.mozgcp.net
        		35.190.72.216
        		truefalse
          		high
          prod.balrog.prod.cloudops.mozgcp.net
          		35.244.181.201
          		truefalse
            		high
            twitter.com
            		162.159.140.229
            		truefalse
              		high
              prod.detectportal.prod.cloudops.mozgcp.net
              		34.107.221.82
              		truefalse
                		high
                shavar.prod.mozaws.net
                		52.24.225.206
                		truefalse
                  		high
                  services.addons.mozilla.org
                  		151.101.193.91
                  		truefalse
                    		high
                    dyna.wikimedia.org
                    		185.15.59.224
                    		truefalse
                      		high
                      prod.remote-settings.prod.webservices.mozgcp.net
                      		34.149.100.209
                      		truefalse
                        		high
                        contile.services.mozilla.com
                        		34.117.188.166
                        		truefalse
                          		high
                          youtube.com
                          		142.250.185.110
                          		truefalse
                            		high
                            prod.content-signature-chains.prod.webservices.mozgcp.net
                            		34.160.144.191
                            		truefalse
                              		high
                              a19.dscg10.akamai.net
                              		2.22.61.59
                              		truefalse
                                		high
                                dualstack.reddit.map.fastly.net
                                		151.101.1.140
                                		truefalse
                                  		high
                                  youtube-ui.l.google.com
                                  		172.217.16.142
                                  		truefalse
                                    		high
                                    us-west1.prod.sumo.prod.webservices.mozgcp.net
                                    		34.149.128.2
                                    		truefalse
                                      		high
                                      ipv4only.arpa
                                      		192.0.0.171
                                      		truefalse
                                        		high
                                        prod.ads.prod.webservices.mozgcp.net
                                        		34.117.188.166
                                        		truefalse
                                          		high
                                          push.services.mozilla.com
                                          		34.107.243.93
                                          		truefalse
                                            		high
                                            normandy.tombstone.experimenter.prod.webservices.mozgcp.net
                                            		34.49.51.44
                                            		truefalse
                                              		high
                                              telemetry-incoming.r53-2.services.mozilla.com
                                              		34.120.208.123
                                              		truefalse
                                                		high
                                                www.reddit.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  spocs.getpocket.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    content-signature-2.cdn.mozilla.net
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      support.mozilla.org
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        firefox.settings.services.mozilla.com
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          www.youtube.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            www.facebook.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              detectportal.firefox.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                normandy.cdn.mozilla.net
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  shavar.services.mozilla.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    www.wikipedia.org
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                        		high
                                                                        http://detectportal.firefox.com;firefox.exe, 0000000D.00000003.1370754871.000002462850A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1396852134.000002462850E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 00000016.00000002.2385900510.000001B237CC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                            		high
                                                                            http://www.mozilla.com0gmpopenh264.dll.tmp.13.drfalse
                                                                            • Avira URL Cloud: safe
                                                                            		unknown
                                                                            https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.firefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drfalse
                                                                              		high
                                                                              https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecyclfirefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 00000010.00000002.2386179754.0000028DFB786000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385900510.000001B237C8F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://json-schema.org/draft/2019-09/schema.firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://www.leboncoin.fr/firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://spocs.getpocket.com/spocsfirefox.exe, 0000000D.00000003.1388853200.00000246289D3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://www.amazon.com/exec/obidos/external-search/?field-keywords=&ie=UTF-8&mode=blended&tag=mozillfirefox.exe, 0000000D.00000003.1354963967.0000024622AF3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.000002462888F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://shavar.services.mozilla.comfirefox.exe, 0000000D.00000003.1405133998.0000024621645000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://completion.amazon.com/search/complete?q=firefox.exe, 0000000D.00000003.1349984880.000002462899B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190894965.000002462023C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190745586.000002462021F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191180020.0000024620277000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191032429.000002462025A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000000D.00000003.1405133998.0000024621695000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000000D.00000003.1388200900.000002462C287000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    • Avira URL Cloud: safe
                                                                                                    		unknown
                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://monitor.firefox.com/breach-details/firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          • Avira URL Cloud: safe
                                                                                                          		unknown
                                                                                                          https://extensionworkshop.com/documentation/publish/self-distribution/initMouseEvent()firefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000000D.00000003.1240112991.0000024621599000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237574502.0000024621556000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://www.msn.comfirefox.exe, 0000000D.00000003.1351917314.000002462397C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.000002462397C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000D.00000003.1190894965.000002462023C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190745586.000002462021F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191180020.0000024620277000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1191032429.000002462025A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1190611039.0000024620000000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureRequestfirefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      http://exslt.org/setsfirefox.exe, 00000019.00000002.1381989504.00000283AA1A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1373187132.00000283AA1A8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://youtube.com/firefox.exe, 0000000D.00000003.1384724878.00000246239E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1397581466.00000246239E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.00000246239E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1401745291.00000246226ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1396441149.0000024628522000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1351917314.00000246239E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1370754871.0000024628522000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://json-schema.org/draft/2020-12/schema/=firefox.exe, 0000000D.00000003.1366439135.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244348347.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1395414457.00000246288EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350220538.00000246288EC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94firefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drfalse
                                                                                                                              		high
                                                                                                                              https://www.instagram.com/firefox.exe, 0000000D.00000003.1249045807.000002462188C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1250338429.0000024621888000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://api.accounts.firefox.com/v1firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    http://exslt.org/commonfirefox.exe, 00000019.00000002.1381989504.00000283AA1A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1373187132.00000283AA1A8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsThefirefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://www.amazon.com/firefox.exe, 0000000D.00000003.1347468870.000002462BCBA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullScfirefox.exe, 0000000D.00000003.1348629587.000002462AB9A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA2AA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                http://exslt.org/dates-and-timesfirefox.exe, 00000019.00000002.1381855822.00000283AA162000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                		unknown
                                                                                                                                                https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&ctafirefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drfalse
                                                                                                                                                  		high
                                                                                                                                                  http://ocsp.rootca1.amazontrust.com0:firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://www.youtube.com/firefox.exe, 0000000D.00000003.1370398046.0000024628579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1398012890.00000246239B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB703000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2385900510.000001B237C0C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://bugzilla.mozilla.org/show_bug.cgi?id=1283601firefox.exe, 0000000D.00000003.1261080715.0000024621452000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://MD8.mozilla.org/1/mfirefox.exe, 0000000D.00000003.1405930474.00000246215B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://www.bbc.co.uk/firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 00000016.00000002.2385900510.000001B237CC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                http://127.0.0.1:firefox.exe, 0000000D.00000003.1237129067.0000024621599000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237129067.0000024621593000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1236525592.00000246229CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                		unknown
                                                                                                                                                                https://bugzilla.mozilla.org/show_bug.cgi?id=1266220firefox.exe, 0000000D.00000003.1261080715.0000024621443000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1293943205.000002462192E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000000D.00000003.1244685407.00000246216D6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                  		unknown
                                                                                                                                                                  https://bugzilla.mofirefox.exe, 0000000D.00000003.1379818511.000002462C352000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://mitmdetection.services.mozilla.com/firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000000D.00000003.1405133998.0000024621695000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://youtube.com/account?=recovery.jsonlz4.tmp.13.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://shavar.services.mozilla.com/firefox.exe, 0000000D.00000003.1393536619.000002462B389000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapturefirefox.exe, 0000000D.00000003.1348629587.000002462AB9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1363785352.000002462AB9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA2AE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://spocs.getpocket.com/firefox.exe, 00000016.00000002.2385900510.000001B237C13000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    https://www.iqiyi.com/firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      http://exslt.org/stringsfirefox.exe, 00000019.00000002.1379998154.000002839E90A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://monitor.firefox.com/user/dashboardfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://monitor.firefox.com/aboutfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    http://mozilla.org/MPL/2.0/.firefox.exe, 0000000D.00000003.1231040406.0000024622DDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1369439721.000002462863C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1365611634.0000024628C29000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1229339255.0000024628A86000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1320864298.00000246283E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1403438017.0000024621AB3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1250338429.0000024621888000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1327146276.0000024621823000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1351917314.0000024623964000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1324313258.0000024628A84000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1326585981.0000024621823000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1199724200.00000246206FA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1199724200.00000246206EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1312454282.0000024620D9E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1341838472.00000246206FA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1318925494.0000024628A07000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1317801469.00000246283E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1325027438.0000024621839000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.0000024623964000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1351433969.000002462863C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1372275681.0000024623945000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://account.bellmedia.cfirefox.exe, 0000000D.00000003.1351917314.000002462397C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.000002462397C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        http://youtube.com/firefox.exe, 0000000D.00000003.1349682119.0000024628C52000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://login.microsoftonline.comfirefox.exe, 0000000D.00000003.1373258245.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1351917314.000002462397C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.000002462397C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1353622577.0000024622ED8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://coverage.mozilla.orgfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                            https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryptiondocument.requestStofirefox.exe, 00000019.00000002.1383928258.00000283AA8D0000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              http://crl.thawte.com/ThawteTimestampingCA.crl0gmpopenh264.dll.tmp.13.drfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://www.zhihu.com/firefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  http://x1.c.lencr.org/0firefox.exe, 0000000D.00000003.1373258245.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350643331.0000024628681000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1353622577.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    http://x1.i.lencr.org/0firefox.exe, 0000000D.00000003.1373258245.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1350643331.0000024628681000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1353622577.0000024622ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1237673755.00000246209CF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://infra.spec.whatwg.org/#ascii-whitespacefirefox.exe, 0000000D.00000003.1318925494.0000024628A27000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://blocked.cdn.mozilla.net/firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                                        https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnoredfirefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          http://developer.mozilla.org/en/docs/DOM:element.addEventListenerfirefox.exe, 0000000D.00000003.1350643331.00000246286B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1368273001.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1383626231.00000246286B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000019.00000003.1367839933.00000283AA292000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://profiler.firefox.comfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://outlook.live.com/default.aspx?rru=compose&to=%sfirefox.exe, 0000000D.00000003.1193256488.000002461FE19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1192461100.000002461FE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1194019625.000002461FE33000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                https://identity.mozilla.com/apps/relayfirefox.exe, 0000000D.00000003.1404425623.0000024621A42000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                https://mozilla.cloudflare-dns.com/dns-queryfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2firefox.exe, 0000000D.00000003.1351917314.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1371000923.00000246239A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1384724878.00000246239B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1397581466.00000246239BC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://bugzilla.mozilla.org/show_bug.cgi?id=1678448firefox.exe, 0000000D.00000003.1261080715.0000024621452000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1261522975.000002462145B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1261080715.0000024621443000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://mail.yahoo.co.jp/compose/?To=%sfirefox.exe, 0000000D.00000003.1193256488.000002461FE19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1192461100.000002461FE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1194019625.000002461FE33000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpgfirefox.exe, 0000000E.00000002.2386050671.0000025AA56C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2386179754.0000028DFB7EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000016.00000002.2389498341.000001B237E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://contile.services.mozilla.com/v1/tilesfirefox.exe, 0000000D.00000003.1388853200.00000246289D3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://www.amazon.co.uk/firefox.exe, 0000000D.00000003.1367714036.0000024628873000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1244470153.0000024628873000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/firefox.exe, 0000000D.00000003.1346789017.000002462C383000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://monitor.firefox.com/user/preferencesfirefox.exe, 0000000E.00000002.2384710719.0000025AA5390000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.2384285387.0000028DFB670000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000016.00000002.2384942540.000001B237A90000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high

                                                                                                                                                                                                                                                World Map of Contacted IPs

                                                                                                                                                                                                                                                • No. of IPs < 25%
                                                                                                                                                                                                                                                • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                • 75% < No. of IPs

                                                                                                                                                                                                                                                Public IPs

                                                                                                                                                                                                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                2.22.61.59
                                                                                                                                                                                                                                                		a19.dscg10.akamai.netEuropean Union
                                                                                                                                                                                                                                                		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                34.149.100.209
                                                                                                                                                                                                                                                		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                142.250.185.110
                                                                                                                                                                                                                                                		youtube.comUnited States
                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                34.107.243.93
                                                                                                                                                                                                                                                		push.services.mozilla.comUnited States
                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                52.24.225.206
                                                                                                                                                                                                                                                		shavar.prod.mozaws.netUnited States
                                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                34.107.221.82
                                                                                                                                                                                                                                                		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                35.244.181.201
                                                                                                                                                                                                                                                		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                34.49.51.44
                                                                                                                                                                                                                                                		normandy.tombstone.experimenter.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                34.117.188.166
                                                                                                                                                                                                                                                		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                151.101.193.91
                                                                                                                                                                                                                                                		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                                                		54113FASTLYUSfalse
                                                                                                                                                                                                                                                35.190.72.216
                                                                                                                                                                                                                                                		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                34.160.144.191
                                                                                                                                                                                                                                                		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                34.120.208.123
                                                                                                                                                                                                                                                		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                Private

                                                                                                                                                                                                                                                IP
                                                                                                                                                                                                                                                127.0.0.1

                                                                                                                                                                                                                                                General Information

                                                                                                                                                                                                                                                Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                Analysis ID:1639372
                                                                                                                                                                                                                                                Start date and time:2025-03-15 13:36:10 +01:00
                                                                                                                                                                                                                                                Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                Overall analysis duration:0h 6m 34s
                                                                                                                                                                                                                                                Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                Report type:full
                                                                                                                                                                                                                                                Cookbook file name:default.jbs
                                                                                                                                                                                                                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                Number of analysed new started processes analysed:28
                                                                                                                                                                                                                                                Number of new started drivers analysed:0
                                                                                                                                                                                                                                                Number of existing processes analysed:0
                                                                                                                                                                                                                                                Number of existing drivers analysed:0
                                                                                                                                                                                                                                                Number of injected processes analysed:0
                                                                                                                                                                                                                                                Technologies:
                                                                                                                                                                                                                                                • HCA enabled
                                                                                                                                                                                                                                                • EGA enabled
                                                                                                                                                                                                                                                • AMSI enabled
                                                                                                                                                                                                                                                Analysis Mode:default
                                                                                                                                                                                                                                                Analysis stop reason:Timeout
                                                                                                                                                                                                                                                Sample name:random.exe
                                                                                                                                                                                                                                                Detection:MAL
                                                                                                                                                                                                                                                Classification:mal76.troj.evad.winEXE@37/41@72/14
                                                                                                                                                                                                                                                EGA Information:
                                                                                                                                                                                                                                                • Successful, ratio: 40%
                                                                                                                                                                                                                                                HCA Information:
                                                                                                                                                                                                                                                • Successful, ratio: 96%
                                                                                                                                                                                                                                                • Number of executed functions: 49
                                                                                                                                                                                                                                                • Number of non-executed functions: 293
                                                                                                                                                                                                                                                Cookbook Comments:
                                                                                                                                                                                                                                                • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                Warnings

                                                                                                                                                                                                                                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                                                • Excluded IPs from analysis (whitelisted): 23.60.203.209, 142.250.185.234, 142.250.185.202, 142.250.186.142, 142.250.185.78, 52.149.20.212
                                                                                                                                                                                                                                                • Excluded domains from analysis (whitelisted): fs.microsoft.com, ciscobinary.openh264.org, slscr.update.microsoft.com, incoming.telemetry.mozilla.org, aus5.mozilla.org, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, e16604.dscf.akamaiedge.net, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, redirector.gvt1.com, safebrowsing.googleapis.com, prod.fs.microsoft.com.akadns.net, location.services.mozilla.com
                                                                                                                                                                                                                                                • Execution Graph export aborted for target firefox.exe, PID 7948 because there are no executed function
                                                                                                                                                                                                                                                • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                Simulations

                                                                                                                                                                                                                                                Behavior and APIs

                                                                                                                                                                                                                                                TimeTypeDescription
                                                                                                                                                                                                                                                08:37:15API Interceptor1x Sleep call for process: firefox.exe modified

                                                                                                                                                                                                                                                Joe Sandbox View / Context

                                                                                                                                                                                                                                                IPs

                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                2.22.61.59random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                34.49.51.44VirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                    https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                  https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                    34.117.188.166VirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      AaxpYFDQ32.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                        LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                            http://mail.aestheticfina.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                              REMITTANCE DETAILS....xlsxGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                                                F2024065877 (1).htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  Ahnenblatt4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    LDWin.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        34.149.100.209VirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          https://flowto.it/eEoTA6vzsR?fc=0Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                            https://aws.orgserv.dnsnet.cloud.anondns.netGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                http://mail.aestheticfina.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                  REMITTANCE DETAILS....xlsxGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                                                                    Ahnenblatt4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      LDWin.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                            Domains

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            shavar.prod.mozaws.netVirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 52.35.142.224
                                                                                                                                                                                                                                                                                                            am_no.batGet hashmaliciousAmadey, Credential Flusher, Healer AV Disabler, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                            • 44.229.113.109
                                                                                                                                                                                                                                                                                                            5c9465cda4.exeGet hashmaliciousAmadey, GCleaner, LiteHTTP Bot, LummaC Stealer, Mint Stealer, PureLog Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                            • 44.231.118.238
                                                                                                                                                                                                                                                                                                            http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 52.26.30.181
                                                                                                                                                                                                                                                                                                            http://mail.aestheticfina.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 52.26.30.181
                                                                                                                                                                                                                                                                                                            REMITTANCE DETAILS....xlsxGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                                                                            • 52.26.30.181
                                                                                                                                                                                                                                                                                                            F2024065877 (1).htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 35.165.160.211
                                                                                                                                                                                                                                                                                                            https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 52.26.30.181
                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                            • 44.231.111.180
                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                            • 52.26.30.181
                                                                                                                                                                                                                                                                                                            example.orgVirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 23.215.0.132
                                                                                                                                                                                                                                                                                                            AaxpYFDQ32.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                            • 96.7.128.192
                                                                                                                                                                                                                                                                                                            am_no.batGet hashmaliciousAmadey, Credential Flusher, Healer AV Disabler, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                            • 23.215.0.132
                                                                                                                                                                                                                                                                                                            LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                            • 96.7.128.186
                                                                                                                                                                                                                                                                                                            5c9465cda4.exeGet hashmaliciousAmadey, GCleaner, LiteHTTP Bot, LummaC Stealer, Mint Stealer, PureLog Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                            • 96.7.128.186
                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                            • 96.7.128.192
                                                                                                                                                                                                                                                                                                            http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 96.7.128.192
                                                                                                                                                                                                                                                                                                            http://mail.aestheticfina.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 96.7.128.192
                                                                                                                                                                                                                                                                                                            REMITTANCE DETAILS....xlsxGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                                                                            • 23.215.0.133
                                                                                                                                                                                                                                                                                                            F2024065877 (1).htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 96.7.128.192
                                                                                                                                                                                                                                                                                                            star-mini.c10r.facebook.comhttps://sheingivesback.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 157.240.252.35
                                                                                                                                                                                                                                                                                                            https://logon----app--ledgelive.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 157.240.0.35
                                                                                                                                                                                                                                                                                                            https://auth-app---crypto-sso--web-ced-cdn.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 157.240.252.35
                                                                                                                                                                                                                                                                                                            https://danse94.com/wp-content/upgrade/zoomvoicemail/chameleon/#rbaldridge@ah4r.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 157.240.253.35
                                                                                                                                                                                                                                                                                                            https://toysforhottubs.com/4XFdob16160NKIj279hgkphiycps610KOHUGVLGONYFUDE3572627MVAO3008q14Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 157.240.251.35
                                                                                                                                                                                                                                                                                                            (No subject).emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 157.240.0.35
                                                                                                                                                                                                                                                                                                            http://spfda.goelia1995.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 157.240.251.35
                                                                                                                                                                                                                                                                                                            http://ads.pancing77e.live/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 157.240.0.35
                                                                                                                                                                                                                                                                                                            https://app.storylane.io/share/3aoqhstphemlGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                                                                                                                                                                                                                                                            • 157.240.251.35
                                                                                                                                                                                                                                                                                                            https://bit.ly/3SzkTURGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 157.240.0.35

                                                                                                                                                                                                                                                                                                            ASNs

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            GOOGLE-AS-APGoogleAsiaPacificPteLtdSGKKveTTgaAAsecNNaaaa.spc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 34.117.111.68
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                            • 34.65.20.104
                                                                                                                                                                                                                                                                                                            http://case-id-1000228256743.counselschambers.co.uk/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 34.117.59.81
                                                                                                                                                                                                                                                                                                            http://case-id-1000228256475.counselschambers.co.uk/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 34.117.59.81
                                                                                                                                                                                                                                                                                                            http://case-id-1000228254902.counselschambers.co.uk/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 34.117.59.81
                                                                                                                                                                                                                                                                                                            http://case-id-1000228251305.counselschambers.co.uk/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 34.117.59.81
                                                                                                                                                                                                                                                                                                            http://case-id-1000228270262.counselschambers.co.uk/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 34.117.59.81
                                                                                                                                                                                                                                                                                                            http://case-id-1000228255935.counselschambers.co.uk/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 34.117.59.81
                                                                                                                                                                                                                                                                                                            http://case-id-1000228287327.counselschambers.co.uk/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 34.117.59.81
                                                                                                                                                                                                                                                                                                            http://uyty678.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 34.117.77.79
                                                                                                                                                                                                                                                                                                            ATGS-MMD-ASUShgfs.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 57.178.176.39
                                                                                                                                                                                                                                                                                                            hgfs.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 48.14.181.15
                                                                                                                                                                                                                                                                                                            hgfs.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 57.20.69.136
                                                                                                                                                                                                                                                                                                            hgfs.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 32.243.105.186
                                                                                                                                                                                                                                                                                                            hgfs.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 32.90.140.16
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 48.221.53.121
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 57.224.176.176
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.i686.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 57.43.170.15
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.i486.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 51.0.20.250
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.spc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 48.23.90.102
                                                                                                                                                                                                                                                                                                            AKAMAI-ASN1EUOur Order.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.100.168
                                                                                                                                                                                                                                                                                                            https://sreqmcoommnunlty.com/pikus/kils/nuksGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 95.101.149.47
                                                                                                                                                                                                                                                                                                            https://pub-e78c2744dccf4257afcf7fafe0f41927.r2.dev/cmail.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.164.104
                                                                                                                                                                                                                                                                                                            https://sreqmcoommnunlty.com/bysre/tytik/polsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 95.101.149.47
                                                                                                                                                                                                                                                                                                            Sweepingcorp00990__098.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 95.101.182.112
                                                                                                                                                                                                                                                                                                            http://modepro.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.164.91
                                                                                                                                                                                                                                                                                                            https://logon----app--ledgelive.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 95.101.182.42
                                                                                                                                                                                                                                                                                                            https://auth-app---crypto-sso--web-ced-cdn.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 95.101.182.42
                                                                                                                                                                                                                                                                                                            https://com.emaill-ttbaytel.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.16.164.35
                                                                                                                                                                                                                                                                                                            https://danse94.com/wp-content/upgrade/zoomvoicemail/chameleon/#rbaldridge@ah4r.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                            • 2.21.65.158
                                                                                                                                                                                                                                                                                                            ATGS-MMD-ASUShgfs.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 57.178.176.39
                                                                                                                                                                                                                                                                                                            hgfs.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 48.14.181.15
                                                                                                                                                                                                                                                                                                            hgfs.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 57.20.69.136
                                                                                                                                                                                                                                                                                                            hgfs.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 32.243.105.186
                                                                                                                                                                                                                                                                                                            hgfs.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 32.90.140.16
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 48.221.53.121
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 57.224.176.176
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.i686.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 57.43.170.15
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.i486.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 51.0.20.250
                                                                                                                                                                                                                                                                                                            KKveTTgaAAsecNNaaaa.spc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 48.23.90.102
                                                                                                                                                                                                                                                                                                            AMAZON-02USDownloadSDKServer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 3.5.238.183
                                                                                                                                                                                                                                                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                            • 44.247.155.67
                                                                                                                                                                                                                                                                                                            boatnet.mpsl.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                            • 54.171.230.55
                                                                                                                                                                                                                                                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                            • 44.247.155.67
                                                                                                                                                                                                                                                                                                            verynicepeoplesgivenbestthingswithgreatness.htaGet hashmaliciousCobalt Strike, FormBookBrowse
                                                                                                                                                                                                                                                                                                            • 13.248.243.5
                                                                                                                                                                                                                                                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                            • 54.171.230.55
                                                                                                                                                                                                                                                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                            • 54.171.230.55
                                                                                                                                                                                                                                                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                            • 44.247.155.67
                                                                                                                                                                                                                                                                                                            Aramco requests.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                            • 13.248.169.48
                                                                                                                                                                                                                                                                                                            .i.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 54.171.230.55

                                                                                                                                                                                                                                                                                                            JA3 Fingerprints

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            fb0aa01abe9d8e4037eb3473ca6e2dcaDocument25.xlsmGet hashmaliciousScreenConnect Tool, AsyncRAT, StormKitty, VenomRATBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                            VirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                            AaxpYFDQ32.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                            am_no.batGet hashmaliciousAmadey, Credential Flusher, Healer AV Disabler, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                            http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                            Ahnenblatt4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                            • 151.101.193.91
                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                            • 34.120.208.123

                                                                                                                                                                                                                                                                                                            Dropped Files

                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmphttp://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                              https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                              px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                  https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                            https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                  px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse

                                                                                                                                                                                                                                                                                                                                                    Created / dropped Files

                                                                                                                                                                                                                                                                                                                                                    C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_83716f43-5323-43dc-8d5c-a2e998ca1e58.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):7813
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.177256412974187
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:192:AjM8h9WtbhbVbTbfbRbObtbyEl7n0rDJA6WnSrDtTUd/SkDrIw4:AYRtNhnzFSJUraBnSrDhUd/av
                                                                                                                                                                                                                                                                                                                                                    MD5:0D88A04999E641FA6790DC10B623D305
                                                                                                                                                                                                                                                                                                                                                    SHA1:C21E808AE7827AC3C6789DE5EB5293567C90C1DA
                                                                                                                                                                                                                                                                                                                                                    SHA-256:CEAF4F42B4D22EB4B0D647C1E3E983462C8885F1473FE93C9C8B539FEC59DF62
                                                                                                                                                                                                                                                                                                                                                    SHA-512:1BD84A8583BC1E3E409524BEBC5545676F3B60A910489F15BAA02C7AD2402DF2FE910A094F285111195FC19461848DF544492590391475B927242801AA20AB50
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"type":"uninstall","id":"83716f43-5323-43dc-8d5c-a2e998ca1e58","creationDate":"2025-03-15T14:02:38.647Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"65e71c9e-6ac3-4903-9066-b134350de32c","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                                    C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_83716f43-5323-43dc-8d5c-a2e998ca1e58.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):7813
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.177256412974187
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:192:AjM8h9WtbhbVbTbfbRbObtbyEl7n0rDJA6WnSrDtTUd/SkDrIw4:AYRtNhnzFSJUraBnSrDhUd/av
                                                                                                                                                                                                                                                                                                                                                    MD5:0D88A04999E641FA6790DC10B623D305
                                                                                                                                                                                                                                                                                                                                                    SHA1:C21E808AE7827AC3C6789DE5EB5293567C90C1DA
                                                                                                                                                                                                                                                                                                                                                    SHA-256:CEAF4F42B4D22EB4B0D647C1E3E983462C8885F1473FE93C9C8B539FEC59DF62
                                                                                                                                                                                                                                                                                                                                                    SHA-512:1BD84A8583BC1E3E409524BEBC5545676F3B60A910489F15BAA02C7AD2402DF2FE910A094F285111195FC19461848DF544492590391475B927242801AA20AB50
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"type":"uninstall","id":"83716f43-5323-43dc-8d5c-a2e998ca1e58","creationDate":"2025-03-15T14:02:38.647Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"65e71c9e-6ac3-4903-9066-b134350de32c","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                                    C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):591
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.1289948102193135
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12:tjIQkyf9oB4kb/fs94tq4kb/fs6M3v44kb/fs94tq4kb/fs6xQXGYD:Bk6CmKHsmjKHsd3vbKHsmjKHshGU
                                                                                                                                                                                                                                                                                                                                                    MD5:56F02F10671952C4AA3A8D3366D3DF95
                                                                                                                                                                                                                                                                                                                                                    SHA1:FE3246E1340795D5E1DB7E3464841D0F407D94FA
                                                                                                                                                                                                                                                                                                                                                    SHA-256:695FDC39DBF51AA0DF6A38B5CDAD792D40282F898FC57429FADF345720D5C211
                                                                                                                                                                                                                                                                                                                                                    SHA-512:5C91084CA5953AB6518BE3E471969962F67AF04FB1943CDB831497C928DF1AF7DD40C82EABFF58584A484FD2A3D1FB503B46195B92398F78A46A68B37CEDA1F0
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:..***....2025-03-15 12:37:25.484000 UTC - [(null) 8660: Main Thread]: I/Logger Opening log..2025-03-15 12:37:26.032000 UTC - [Parent 8660: Main Thread]: D/Dump [Backstage.Dump] console.error: BackgroundUpdate: ..2025-03-15 12:37:26.032000 UTC - [Parent 8660: Main Thread]: D/Dump [Backstage.Dump] runBackgroundTask: backgroundupdate..2025-03-15 12:37:26.032000 UTC - [Parent 8660: Main Thread]: D/Dump [Backstage.Dump] console.error: BackgroundUpdate: ..2025-03-15 12:37:26.032000 UTC - [Parent 8660: Main Thread]: D/Dump [Backstage.Dump] runBackgroundTask: another instance is running..

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                                                                                    MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                                                                                    SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                                                                                    SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                                                                                    SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\tmpaddon

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):453023
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):7.997718157581587
                                                                                                                                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12288:tESTeqTI2r4ZbCgUKWKNeRcPMb6qlV7hVZe3:tEsed2Xh9/bdzZe3
                                                                                                                                                                                                                                                                                                                                                    MD5:85430BAED3398695717B0263807CF97C
                                                                                                                                                                                                                                                                                                                                                    SHA1:FFFBEE923CEA216F50FCE5D54219A188A5100F41
                                                                                                                                                                                                                                                                                                                                                    SHA-256:A9F4281F82B3579581C389E8583DC9F477C7FD0E20C9DFC91A2E611E21E3407E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:06511F1F6C6D44D076B3C593528C26A602348D9C41689DBF5FF716B671C3CA5756B12CB2E5869F836DEDCE27B1A5CFE79B93C707FD01F8E84B620923BB61B5F1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:PK.........bN...R..........gmpopenh264.dll..|.E.0.=..I.....1....4f1q.`.........q.....'+....h*m{.z..o_.{w........$..($A!...|L...B&A2.s.{..Dd......c.U.U..9u.S...K.l`...../.d.-....|.....&....9......wn..x......i.#O.+.Y.l......+....,3.3f..\..c.SSS,............N...GG...F.'.&.:'.K.Z&.>.@.g..M...M.`...*.........ZR....^jg.G.Kb.o~va.....<Z..1.#.O.e.....D..X..i..$imBW..Q&.......P.....,M.,..:.c...-...\......*.....-i.K.I..4.a..6..*...Ov=...W..F.CH.>...a.'.x...#@f...d..u.1....OV.1o}....g.5.._.3.J.Hi.Z.ipM....b.Z....%.G..F................/..3.q..J.....o...%.g.N.*.}..).3.N%.!..q*........^I.m..~...6.#.~+.....A...I]r...x..*.<IYj....p0..`S.M@.E..f.=.;!.@.....E..E....... .0.n....Jd..d......uM.-.qI.lR..z..=}..r.D.XLZ....x.$..|c.1.cUkM.&.Qn]..a]t.h..*.!.6 7..Jd.DvKJ"Wgd*%n...w...Jni.inmr.@M.$'Z.s....#)%..Rs..:.h....R....\..t.6..'.g.........Uj+F.cr:|..!..K.W.Y...17......,....r.....>.N..3.R.Y.._\...Ir.DNJdM... .k...&V-....z.%...-...D..i..&...6....7.2T).>..0..%.&.

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\agfha1h2.MozillaBackgroundTask-308046B0AF4A39CB-backgroundupdate\compatibility.ini

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Windows WIN.INI
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):200
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.391255133360986
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:tZAQUsjcmktYWwktUp/UNE2aT/P4WX1rDZjrEFwHQ3ZjrEFwslyy:JWtYWXtUp8babN1rDVEFycVEFL
                                                                                                                                                                                                                                                                                                                                                    MD5:3FB561547A46AF02D6B00F86DC370634
                                                                                                                                                                                                                                                                                                                                                    SHA1:914867E4C763611B441835A3FC0082359FBF7277
                                                                                                                                                                                                                                                                                                                                                    SHA-256:5393F0E8D90EE6A26EAC13B81B83EDC0637487B3E427175021D7EC4CDE8E34A7
                                                                                                                                                                                                                                                                                                                                                    SHA-512:0E05486A6B6AD65D3A95FCFE46BE6687DD47E311374F11DE89F9CFB8C301951D6BFE43FA24851A3E759B6F8AF69A5F593568FB61F576AB52941F6B2B6EE54BC8
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:[Compatibility]..LastVersion=118.0.1_20230927232528/20230927232528..LastOSABI=WINNT_x86_64-msvc..LastPlatformDir=C:\Program Files\Mozilla Firefox..LastAppDir=C:\Program Files\Mozilla Firefox\browser..

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\agfha1h2.MozillaBackgroundTask-308046B0AF4A39CB-backgroundupdate\prefs.js

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):484
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.926765929982418
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12:j8sGCS2XKHYX6UlTSU9Mylau1yIV6YRNCL4MwR6Vxj:XnKH66UZ9Blz1zV61L/
                                                                                                                                                                                                                                                                                                                                                    MD5:EA9E57DFC92F439269C74E28AFD6172B
                                                                                                                                                                                                                                                                                                                                                    SHA1:DC38B5AEA7D3FBA50153E739AF1D0C3730323E64
                                                                                                                                                                                                                                                                                                                                                    SHA-256:FC3A72F292DA29761FFAB25A5296C35F49D9FB20ACEF69637D3E81C425B8C468
                                                                                                                                                                                                                                                                                                                                                    SHA-512:6A1F451AB38783646BEA7297A346DAB80FEFE43DE5C5021EA9C88992B9399DB761C961E179160EC7C48F1EC05C918CAA2921B173582DE8C0516951F8BA93EDD5
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("browser.launcherProcess.enabled", true);..user_pref("toolkit.startup.last_success", 1742042245);..

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.928471604496893
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:96:8S+OfJQPUFpOdwNIOdYVjvYcXaNLjwO38P:8S+OBIUjOdwiOdYVjjwLjwO38P
                                                                                                                                                                                                                                                                                                                                                    MD5:BDFCF3B308D8060D0024D6EFCEE02409
                                                                                                                                                                                                                                                                                                                                                    SHA1:CF1870709026031D133B162F6194AB7FB1829E7F
                                                                                                                                                                                                                                                                                                                                                    SHA-256:58938D01CD99BA8AA5CD0C83AD074BC2AF805492C39B58D0F9E1C2ECFFCB3EEE
                                                                                                                                                                                                                                                                                                                                                    SHA-512:F63982C13592F2960F4B8F8F5433D9F184597759C2811694413EC54928FD60D208EA8E9C831833801C8D31830A40439E569994B2A256D608AE4EAD86E3E24358
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"c5d95379-f4ee-4629-a507-6f15a0e93cd4","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-03T11:50:29.548Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.928471604496893
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:96:8S+OfJQPUFpOdwNIOdYVjvYcXaNLjwO38P:8S+OBIUjOdwiOdYVjjwLjwO38P
                                                                                                                                                                                                                                                                                                                                                    MD5:BDFCF3B308D8060D0024D6EFCEE02409
                                                                                                                                                                                                                                                                                                                                                    SHA1:CF1870709026031D133B162F6194AB7FB1829E7F
                                                                                                                                                                                                                                                                                                                                                    SHA-256:58938D01CD99BA8AA5CD0C83AD074BC2AF805492C39B58D0F9E1C2ECFFCB3EEE
                                                                                                                                                                                                                                                                                                                                                    SHA-512:F63982C13592F2960F4B8F8F5433D9F184597759C2811694413EC54928FD60D208EA8E9C831833801C8D31830A40439E569994B2A256D608AE4EAD86E3E24358
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"c5d95379-f4ee-4629-a507-6f15a0e93cd4","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-03T11:50:29.548Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 27954 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):6075
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.623258976790648
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:96:J2YbKsKNU2xWrp327tGmD4wBON6hCY9rI7hlJwgJVLd+MYE0pG+ml1j2+:JTx2x2t0FDJ4NF6ILPd+Md0k+uj
                                                                                                                                                                                                                                                                                                                                                    MD5:0EE1DEA50353EF72B3983D45C0F79672
                                                                                                                                                                                                                                                                                                                                                    SHA1:83A858B3793BD9B1C35A954FA71582F557DDAB01
                                                                                                                                                                                                                                                                                                                                                    SHA-256:76D8DD378010DD3158633286B32FCEE00A63EA8E85EAF2E60A8B8B1F6FD32C87
                                                                                                                                                                                                                                                                                                                                                    SHA-512:D08B7A1C9EBF2C277662EA7314B371EE114153AE8CA840100D9EA053210BD20188CE591CA247C7E541590C6AAD925AD10F84F1AA025ACB2F01BC37B1DBC57EBD
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.2m....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 27954 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):6075
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.623258976790648
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:96:J2YbKsKNU2xWrp327tGmD4wBON6hCY9rI7hlJwgJVLd+MYE0pG+ml1j2+:JTx2x2t0FDJ4NF6ILPd+Md0k+uj
                                                                                                                                                                                                                                                                                                                                                    MD5:0EE1DEA50353EF72B3983D45C0F79672
                                                                                                                                                                                                                                                                                                                                                    SHA1:83A858B3793BD9B1C35A954FA71582F557DDAB01
                                                                                                                                                                                                                                                                                                                                                    SHA-256:76D8DD378010DD3158633286B32FCEE00A63EA8E85EAF2E60A8B8B1F6FD32C87
                                                                                                                                                                                                                                                                                                                                                    SHA-512:D08B7A1C9EBF2C277662EA7314B371EE114153AE8CA840100D9EA053210BD20188CE591CA247C7E541590C6AAD925AD10F84F1AA025ACB2F01BC37B1DBC57EBD
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.2m....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\addons.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):24
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                                    MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                                    SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                                    SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                                    SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\addons.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):24
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                                    MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                                    SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                                    SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                                    SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 5, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 5
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):262144
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.04905391753567332
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:DLivwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:D6wae+QtMImelekKDa5
                                                                                                                                                                                                                                                                                                                                                    MD5:DD9D28E87ED57D16E65B14501B4E54D1
                                                                                                                                                                                                                                                                                                                                                    SHA1:793839B47326441BE2D1336BA9A61C9B948C578D
                                                                                                                                                                                                                                                                                                                                                    SHA-256:BB4E6C58C50BD6399ED70468C02B584595C29F010B66F864CD4D6B427FA365BC
                                                                                                                                                                                                                                                                                                                                                    SHA-512:A2626F6A3CBADE62E38DA5987729D99830D0C6AA134D4A9E615026A5F18ACBB11A2C3C80917DAD76DA90ED5BAA9B0454D4A3C2DD04436735E78C974BA1D035B1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\crashes\store.json.mozlz4 (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):66
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                                    MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                                    SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                                    SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                                    SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\crashes\store.json.mozlz4.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):66
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                                    MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                                    SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                                    SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                                    SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\extensions.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.185924656884556
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:768:wI43DvfWXf4E6C4p4EC4Y4QfEWvM4B4QS4z4444XQ4U:wUfdvk
                                                                                                                                                                                                                                                                                                                                                    MD5:5656BA69BD2966108A461AAE35F60226
                                                                                                                                                                                                                                                                                                                                                    SHA1:9C2E5AE52D82CEA43C4A5FFF205A7700CF54D61C
                                                                                                                                                                                                                                                                                                                                                    SHA-256:587596712960B26EAC18CB354CCD633FFDB218E374A9D59EFEA843914D7AB299
                                                                                                                                                                                                                                                                                                                                                    SHA-512:38F715AD9156558B5D57CA2E75FB0FFE0C5C6728BD94484B8F15E090120DDD02DCE42DBC9CC7143AD6552460A5F3A40E577FAF1D76D5D40B25CDBE636F250054
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{60024e8e-cfd0-41e5-965d-7128c7dcf0e8}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\extensions.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.185924656884556
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:768:wI43DvfWXf4E6C4p4EC4Y4QfEWvM4B4QS4z4444XQ4U:wUfdvk
                                                                                                                                                                                                                                                                                                                                                    MD5:5656BA69BD2966108A461AAE35F60226
                                                                                                                                                                                                                                                                                                                                                    SHA1:9C2E5AE52D82CEA43C4A5FFF205A7700CF54D61C
                                                                                                                                                                                                                                                                                                                                                    SHA-256:587596712960B26EAC18CB354CCD633FFDB218E374A9D59EFEA843914D7AB299
                                                                                                                                                                                                                                                                                                                                                    SHA-512:38F715AD9156558B5D57CA2E75FB0FFE0C5C6728BD94484B8F15E090120DDD02DCE42DBC9CC7143AD6552460A5F3A40E577FAF1D76D5D40B25CDBE636F250054
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{60024e8e-cfd0-41e5-965d-7128c7dcf0e8}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                                    MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                                    SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                                    SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                                    SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                                    MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                                    SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                                    SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                    Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                                    • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: px4Y74kUj2.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                                    MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                                    SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                                    SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                    Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                                    • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    • Filename: px4Y74kUj2.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):116
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                                    MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                                    SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                                    SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                                    SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):116
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                                    MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                                    SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                                    SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                                    SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\permissions.sqlite

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.07335892763187632
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12:DBl/A0OWla0mwPxRymgObsCVR45wcYR4fmnsCVR4zkij:DLhesh7Owd4+jij
                                                                                                                                                                                                                                                                                                                                                    MD5:67B2BB9EB3A7CE16202705C44700C1C0
                                                                                                                                                                                                                                                                                                                                                    SHA1:A3AA6974D447C7EC4C6C9EFD43371146E8B9B02F
                                                                                                                                                                                                                                                                                                                                                    SHA-256:57215C2828BFD988A3C72D753D7224C463B29AB496EFA13E0734642906D9D7CD
                                                                                                                                                                                                                                                                                                                                                    SHA-512:6190582BC3557CCAC64806E1F5C00D91D8FE89676EAC6FD22581F74812E717E4728967A224564A535C1FD65164CA19790932A5306672FABE0BDA26D39010A922
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j......~s..F~s........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.035333735952226504
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:GtlstFRPIgpBlIll3lstFRPIgpB/lx89//alEl:GtWtnpzIl1WtnppD89XuM
                                                                                                                                                                                                                                                                                                                                                    MD5:942F5B9FACE5ED78635668D428A9235C
                                                                                                                                                                                                                                                                                                                                                    SHA1:E9DE73A7C329B28B5B6E6765CE8A13BA4C76BD48
                                                                                                                                                                                                                                                                                                                                                    SHA-256:EA904732FD59C99470661E4CF16A7975F86F823DE003D5F2E409D183787414EF
                                                                                                                                                                                                                                                                                                                                                    SHA-512:B71C2B1615EB3D9C2A257BAEDD0841398D13C4CDD9AF0719B1EB7B796D6263C0CB5A9BDE724921B957FBFE73FFBA84C77FF465AEF977E413BF9F5142B0349B43
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:..-.......................Z..P*..'..D...EB. .P..-.......................Z..P*..'..D...EB. .P........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):32824
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.03977539317490041
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:Ol1tJPFtJlNYYPLP4wl8rEXsxdwhml8XW3R2:KvZTrl8dMhm93w
                                                                                                                                                                                                                                                                                                                                                    MD5:AC874158C128236501072ED5FFE567BA
                                                                                                                                                                                                                                                                                                                                                    SHA1:E9F340B4114C2583E3977B2B90A652841C85B3BC
                                                                                                                                                                                                                                                                                                                                                    SHA-256:CF9EA7E5218C54FF3763F13D5EE507D888AEDB6A6052E8C9A6721B852DE12EDF
                                                                                                                                                                                                                                                                                                                                                    SHA-512:EA7DD919924A50AB84328EEEEE802A4806AFB5E26BE6441D4FD455DCC504480883C484E50F8785380BCCDB91538ABB3C9DFE7A25B8697D27805BFDCA3E4D5F2C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:7....-............'..D..X.#..C?a..........'..D...Z..*P..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (1809), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                    Category:modified
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):13319
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.493027447286001
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:192:wnaRtLYbBp6yhj4qyaaXJ6K1aNjwmq5RfGNBw8siSl:NeEqnGWjWcwU0
                                                                                                                                                                                                                                                                                                                                                    MD5:08E0137793099E4CD85D02FA7FF30218
                                                                                                                                                                                                                                                                                                                                                    SHA1:F3962DBCFCE7F4CE3530FC99A5B29C198D81F64E
                                                                                                                                                                                                                                                                                                                                                    SHA-256:6C048771F85083D48222D515DEB8651A4A8213CC982C513A1D4547D0ACD3041E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:2FE943BD4096D7E5113CBB618FAF31907F15DE548AC81D434986EAA83451C77967AC5E4DE1E71360DA3AA95D4FF94AC31CE101C320244FFDBCDE2D4D4ED7399C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "57f16a19-e119-4073-bf01-28f88011f783");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.lastInstalledTaskVersion", 3);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1742047329);..user_pref("app.update.lastUpdateTime.background-update-timer", 1742047329);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1742047329);..user

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (1809), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):13319
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.493027447286001
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:192:wnaRtLYbBp6yhj4qyaaXJ6K1aNjwmq5RfGNBw8siSl:NeEqnGWjWcwU0
                                                                                                                                                                                                                                                                                                                                                    MD5:08E0137793099E4CD85D02FA7FF30218
                                                                                                                                                                                                                                                                                                                                                    SHA1:F3962DBCFCE7F4CE3530FC99A5B29C198D81F64E
                                                                                                                                                                                                                                                                                                                                                    SHA-256:6C048771F85083D48222D515DEB8651A4A8213CC982C513A1D4547D0ACD3041E
                                                                                                                                                                                                                                                                                                                                                    SHA-512:2FE943BD4096D7E5113CBB618FAF31907F15DE548AC81D434986EAA83451C77967AC5E4DE1E71360DA3AA95D4FF94AC31CE101C320244FFDBCDE2D4D4ED7399C
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "57f16a19-e119-4073-bf01-28f88011f783");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.lastInstalledTaskVersion", 3);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1742047329);..user_pref("app.update.lastUpdateTime.background-update-timer", 1742047329);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1742047329);..user

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\protections.sqlite

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 5, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:6:ltBl/l4/WN1h4BEJYqWvLue3FMOrMZ0l:DBl/WuntfJiFxMZO
                                                                                                                                                                                                                                                                                                                                                    MD5:18F65713B07CB441E6A98655B726D098
                                                                                                                                                                                                                                                                                                                                                    SHA1:2CEFA32BC26B25BE81C411B60C9925CB0F1F8F88
                                                                                                                                                                                                                                                                                                                                                    SHA-256:B6C268E48546B113551A5AF9CA86BB6A462A512DE6C9289315E125CEB0FD8621
                                                                                                                                                                                                                                                                                                                                                    SHA-512:A6871076C7D7ED53B630F9F144ED04303AD54A2E60B94ECA2AA96964D1AB375EEFDCA86CE0D3EB0E9DBB81470C6BD159877125A080C95EB17E54A52427F805FB
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                    MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                    SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                    SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                    SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                    MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                    SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                    SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                    SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\sessionstore-backups\recovery.baklz4 (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 5862 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1604
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.355247265537079
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:vkSUGlcAxStULXnIgdX/pnxQwRlsIgZsKHyOGH3j6xiMMtdL/5QH2oXfVurD/I0y:cpOxUUXnRLgZrSRGxHM5k9gwcR4
                                                                                                                                                                                                                                                                                                                                                    MD5:D186DF338C437E3CEEB3D9469F72C077
                                                                                                                                                                                                                                                                                                                                                    SHA1:13D9A63E1698F60A76CFD81B0E84B2B4EBB0E5B6
                                                                                                                                                                                                                                                                                                                                                    SHA-256:164EC5FDFE473FA8883808C4335D99AA0BAE124B6D9E059025A600F3EEA42F3B
                                                                                                                                                                                                                                                                                                                                                    SHA-512:60ED8AD6F943E794E973CC7EF8E8A1FFA3CCFE88BA8DACD611F12BBFC41AAB9F2EA898E25E2ECC70761A5ACD3426E187FB9474E8F684A55B9E72BE97E6459215
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{d9e10389-754b-45bd-aaa2-3a877bf73ed6}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1742047333770,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758...dth":128....eight":1024,"screenX......Y..Aizem..."maximize......BeforeMin...&..workspace:...6eded7fe-60e2-427f-a578-9758204d4aa7","zE..1...Wn..m........k..;....1":{..jUpdate...1,"startTim..`298648...centCrash..B0},".....Dcook.. hod..."addons.mozilla.org","valu...A8bad2467092e6ddeb0dfa9e5ea54d86d26790ca7ba2ce88d10cb4604fe726755","path":"/","na..a"taarI|.Recure...,a.Donly..fexpiry...05567,"originA..

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 5862 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1604
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.355247265537079
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:vkSUGlcAxStULXnIgdX/pnxQwRlsIgZsKHyOGH3j6xiMMtdL/5QH2oXfVurD/I0y:cpOxUUXnRLgZrSRGxHM5k9gwcR4
                                                                                                                                                                                                                                                                                                                                                    MD5:D186DF338C437E3CEEB3D9469F72C077
                                                                                                                                                                                                                                                                                                                                                    SHA1:13D9A63E1698F60A76CFD81B0E84B2B4EBB0E5B6
                                                                                                                                                                                                                                                                                                                                                    SHA-256:164EC5FDFE473FA8883808C4335D99AA0BAE124B6D9E059025A600F3EEA42F3B
                                                                                                                                                                                                                                                                                                                                                    SHA-512:60ED8AD6F943E794E973CC7EF8E8A1FFA3CCFE88BA8DACD611F12BBFC41AAB9F2EA898E25E2ECC70761A5ACD3426E187FB9474E8F684A55B9E72BE97E6459215
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{d9e10389-754b-45bd-aaa2-3a877bf73ed6}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1742047333770,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758...dth":128....eight":1024,"screenX......Y..Aizem..."maximize......BeforeMin...&..workspace:...6eded7fe-60e2-427f-a578-9758204d4aa7","zE..1...Wn..m........k..;....1":{..jUpdate...1,"startTim..`298648...centCrash..B0},".....Dcook.. hod..."addons.mozilla.org","valu...A8bad2467092e6ddeb0dfa9e5ea54d86d26790ca7ba2ce88d10cb4604fe726755","path":"/","na..a"taarI|.Recure...,a.Donly..fexpiry...05567,"originA..

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 5862 bytes
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):1604
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.355247265537079
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:vkSUGlcAxStULXnIgdX/pnxQwRlsIgZsKHyOGH3j6xiMMtdL/5QH2oXfVurD/I0y:cpOxUUXnRLgZrSRGxHM5k9gwcR4
                                                                                                                                                                                                                                                                                                                                                    MD5:D186DF338C437E3CEEB3D9469F72C077
                                                                                                                                                                                                                                                                                                                                                    SHA1:13D9A63E1698F60A76CFD81B0E84B2B4EBB0E5B6
                                                                                                                                                                                                                                                                                                                                                    SHA-256:164EC5FDFE473FA8883808C4335D99AA0BAE124B6D9E059025A600F3EEA42F3B
                                                                                                                                                                                                                                                                                                                                                    SHA-512:60ED8AD6F943E794E973CC7EF8E8A1FFA3CCFE88BA8DACD611F12BBFC41AAB9F2EA898E25E2ECC70761A5ACD3426E187FB9474E8F684A55B9E72BE97E6459215
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{d9e10389-754b-45bd-aaa2-3a877bf73ed6}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1742047333770,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758...dth":128....eight":1024,"screenX......Y..Aizem..."maximize......BeforeMin...&..workspace:...6eded7fe-60e2-427f-a578-9758204d4aa7","zE..1...Wn..m........k..;....1":{..jUpdate...1,"startTim..`298648...centCrash..B0},".....Dcook.. hod..."addons.mozilla.org","valu...A8bad2467092e6ddeb0dfa9e5ea54d86d26790ca7ba2ce88d10cb4604fe726755","path":"/","na..a"taarI|.Recure...,a.Donly..fexpiry...05567,"originA..

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage.sqlite

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 131075, last written using SQLite version 3042000, page size 512, file counter 6, database pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):4096
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):2.0836444556178684
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24:JBwdh/cEUcR9PzNFPFHx/GJRBdkOrDcRB1trwDeAq2gRMyxr3:jnEUo9LXtR+JdkOnohYsl
                                                                                                                                                                                                                                                                                                                                                    MD5:8B40B1534FF0F4B533AF767EB5639A05
                                                                                                                                                                                                                                                                                                                                                    SHA1:63EDB539EA39AD09D701A36B535C4C087AE08CC9
                                                                                                                                                                                                                                                                                                                                                    SHA-256:AF275A19A5C2C682139266065D90C237282274D11C5619A121B7BDBDB252861B
                                                                                                                                                                                                                                                                                                                                                    SHA-512:54AF707698CED33C206B1B193DA414D630901762E88E37E99885A50D4D5F8DDC28367C9B401DFE251CF0552B4FA446EE28F78A97C9096AFB0F2898BFBB673B53
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\targeting.snapshot.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.034465824690011
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:YrSAYw6UQZpExB1+anOsW4Vh351VxWRzzc8eYMsku7f86SLAVL7if5FtsfAcbyJW:ycwyTEr5QFRzzcMvbw6KkCrrc2Rn27
                                                                                                                                                                                                                                                                                                                                                    MD5:7E64D59EFDEF1094E975A032CEDB3F8D
                                                                                                                                                                                                                                                                                                                                                    SHA1:9A14B2124CE1F4787D9A5478E98D35698883654A
                                                                                                                                                                                                                                                                                                                                                    SHA-256:CBEC01B8188B64C73303960C7682395A881F877A021BA0920B959125D608FB7F
                                                                                                                                                                                                                                                                                                                                                    SHA-512:6F9A2EF4BFCCC6E5CD3A7DB0B01473F620437A0E9945671303F65E502C83A275F070E9663F50184544D76532A09ACA4569F4748ED20B73786EB72EA8D2064A43
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-03-15T14:01:55.876Z","profileAgeCreated":1696333826043,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\targeting.snapshot.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.034465824690011
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:48:YrSAYw6UQZpExB1+anOsW4Vh351VxWRzzc8eYMsku7f86SLAVL7if5FtsfAcbyJW:ycwyTEr5QFRzzcMvbw6KkCrrc2Rn27
                                                                                                                                                                                                                                                                                                                                                    MD5:7E64D59EFDEF1094E975A032CEDB3F8D
                                                                                                                                                                                                                                                                                                                                                    SHA1:9A14B2124CE1F4787D9A5478E98D35698883654A
                                                                                                                                                                                                                                                                                                                                                    SHA-256:CBEC01B8188B64C73303960C7682395A881F877A021BA0920B959125D608FB7F
                                                                                                                                                                                                                                                                                                                                                    SHA-512:6F9A2EF4BFCCC6E5CD3A7DB0B01473F620437A0E9945671303F65E502C83A275F070E9663F50184544D76532A09ACA4569F4748ED20B73786EB72EA8D2064A43
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-03-15T14:01:55.876Z","profileAgeCreated":1696333826043,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\xulstore.json (copy)

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):156
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.411137816108237
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YGNDhK6c2us1pNGHfYL2HEYwgL2HEmxhHtifYYMgEYyibudJ8KgfHVEW1:YGNTG/I2XV2fEzLEJ8Kgf1Ew
                                                                                                                                                                                                                                                                                                                                                    MD5:AAC5F6FC2FA4A5691A244B46164834FD
                                                                                                                                                                                                                                                                                                                                                    SHA1:F011E46647F4C402B798C285DE982A6BB9EC73BF
                                                                                                                                                                                                                                                                                                                                                    SHA-256:BE115879DA967E2C1213870515E049801E5950D1179325B99891869A40263BB0
                                                                                                                                                                                                                                                                                                                                                    SHA-512:963486CF702B7623C20123B669F538ADBC51B996E67AB52EDE4635FF05034CA28A3926A98656CB5E8E9BB2C1FBAD338744B312B4673585FD9810AA6E36D343EC
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"chrome://browser/content/browser.xhtml":{"sidebar-box":{"sidebarcommand":"","style":""},"sidebar-title":{"value":""},"main-window":{"sizemode":"normal"}}}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\xulstore.json.tmp

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):156
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.411137816108237
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:YGNDhK6c2us1pNGHfYL2HEYwgL2HEmxhHtifYYMgEYyibudJ8KgfHVEW1:YGNTG/I2XV2fEzLEJ8Kgf1Ew
                                                                                                                                                                                                                                                                                                                                                    MD5:AAC5F6FC2FA4A5691A244B46164834FD
                                                                                                                                                                                                                                                                                                                                                    SHA1:F011E46647F4C402B798C285DE982A6BB9EC73BF
                                                                                                                                                                                                                                                                                                                                                    SHA-256:BE115879DA967E2C1213870515E049801E5950D1179325B99891869A40263BB0
                                                                                                                                                                                                                                                                                                                                                    SHA-512:963486CF702B7623C20123B669F538ADBC51B996E67AB52EDE4635FF05034CA28A3926A98656CB5E8E9BB2C1FBAD338744B312B4673585FD9810AA6E36D343EC
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:{"chrome://browser/content/browser.xhtml":{"sidebar-box":{"sidebarcommand":"","style":""},"sidebar-title":{"value":""},"main-window":{"sizemode":"normal"}}}

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\installs.ini

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):75
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):4.983139730959608
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:3:plqfnrYKNXkB83BGvbr:raU8XFGvv
                                                                                                                                                                                                                                                                                                                                                    MD5:A6344F13C7A20D279555E020A739172F
                                                                                                                                                                                                                                                                                                                                                    SHA1:B9B64F21D0B74FEDF0077DDF2C0F5D05EABF537C
                                                                                                                                                                                                                                                                                                                                                    SHA-256:9125EDF7C9F7CFDF5473D76BBE525867EB3CDFA534C9A002CDDB63F6423E748B
                                                                                                                                                                                                                                                                                                                                                    SHA-512:10A1BAEB3D3E751FD768076CFA91A3586CDC7D3931632F8BE1A87C636288C6C090BD4E1B7B3CCB675A47CA85E3BD63A31BA1D15C2421AC93D6B94E2A88B7DE0F
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:[308046B0AF4A39CB]..Default=Profiles/fqs92o4p.default-release..Locked=1....

                                                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini

                                                                                                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    File Type:Generic INItialization configuration [Profile1]
                                                                                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                                                                                    Size (bytes):456
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):5.2102500161676195
                                                                                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:12:HuBGFGvPO8uLMdIezMfIRyMdIWFETR5bWvWFvy:HuBCGvPOZLMdIFfVMdIH6uFvy
                                                                                                                                                                                                                                                                                                                                                    MD5:F469AD88541AE947E4A842012E917782
                                                                                                                                                                                                                                                                                                                                                    SHA1:4085C53701A94B40486AB90BA71A2ADFDA160FAE
                                                                                                                                                                                                                                                                                                                                                    SHA-256:C34BF5A47CD3001C2BAA23B6DBDDA79AE4358CA787BF046D3C91FEA34857E7B4
                                                                                                                                                                                                                                                                                                                                                    SHA-512:A7753BDE94FA9E366EF4382C19DCAA96DE58B2D8DBE1C19241E75F404CCA93E29C0F6471F8609AFB5D5C0201C162BF709B74ECCD5CDD6526D9A2945C90104D85
                                                                                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                                                                                    Preview:[Install308046B0AF4A39CB]..Default=Profiles/fqs92o4p.default-release..Locked=1....[Profile1]..Name=default..IsRelative=1..Path=Profiles/z6bny8rn.default..Default=1....[Profile0]..Name=default-release..IsRelative=1..Path=Profiles/fqs92o4p.default-release....[General]..StartWithLastProfile=1..Version=2....[BackgroundTasksProfiles]..MozillaBackgroundTask-308046B0AF4A39CB-backgroundupdate=agfha1h2.MozillaBackgroundTask-308046B0AF4A39CB-backgroundupdate....

                                                                                                                                                                                                                                                                                                                                                    Static File Info

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                    Entropy (8bit):6.693387788432424
                                                                                                                                                                                                                                                                                                                                                    TrID:
                                                                                                                                                                                                                                                                                                                                                    • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                                                    • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                                    • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                                    File name:random.exe
                                                                                                                                                                                                                                                                                                                                                    File size:966'144 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5:7b263841e989d2a9f7d156e74cb36e6f
                                                                                                                                                                                                                                                                                                                                                    SHA1:daf7c46fc057c7e3dc266faacf89652cc1cf9720
                                                                                                                                                                                                                                                                                                                                                    SHA256:6457881894861cb853a08b65e3b63b2916f317ce6730338f0508cf84f5f930e8
                                                                                                                                                                                                                                                                                                                                                    SHA512:b5a569ddbaf01806babcb1676dd4d74ea94e3253c4a803fa70c2cba0ba456e20a943049dd54cdcf39b51fb30b65fe9ca812a047bf65a043c02c53c9649317ee1
                                                                                                                                                                                                                                                                                                                                                    SSDEEP:24576:JqDEvCTbMWu7rQYlBQcBiT6rprG8a3Uu:JTvC/MTQYxsWR7a3
                                                                                                                                                                                                                                                                                                                                                    TLSH:E7259E027391C062FFAB92334F5AF6515BBC69260123E61F13A81D79BE701B1563E7A3
                                                                                                                                                                                                                                                                                                                                                    File Content Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z....

                                                                                                                                                                                                                                                                                                                                                    File Icon

                                                                                                                                                                                                                                                                                                                                                    Icon Hash:aaf3e3e3938382a0

                                                                                                                                                                                                                                                                                                                                                    Static PE Info

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Entrypoint:0x420577
                                                                                                                                                                                                                                                                                                                                                    Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                                    Digitally signed:false
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                                    Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                                    Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                                    DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                                    Time Stamp:0x67D55D42 [Sat Mar 15 10:58:10 2025 UTC]
                                                                                                                                                                                                                                                                                                                                                    TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                                    CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                                    OS Version Major:5
                                                                                                                                                                                                                                                                                                                                                    OS Version Minor:1
                                                                                                                                                                                                                                                                                                                                                    File Version Major:5
                                                                                                                                                                                                                                                                                                                                                    File Version Minor:1
                                                                                                                                                                                                                                                                                                                                                    Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                                                    Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                                                    Import Hash:948cc502fe9226992dce9417f952fce3

                                                                                                                                                                                                                                                                                                                                                    Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                                    Instruction
                                                                                                                                                                                                                                                                                                                                                    call 00007F56E0802D53h
                                                                                                                                                                                                                                                                                                                                                    jmp 00007F56E080265Fh
                                                                                                                                                                                                                                                                                                                                                    push ebp
                                                                                                                                                                                                                                                                                                                                                    mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                    push esi
                                                                                                                                                                                                                                                                                                                                                    push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                    mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                    call 00007F56E080283Dh
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [esi], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                                    mov eax, esi
                                                                                                                                                                                                                                                                                                                                                    pop esi
                                                                                                                                                                                                                                                                                                                                                    pop ebp
                                                                                                                                                                                                                                                                                                                                                    retn 0004h
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    mov eax, ecx
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx+04h], 0049FDF8h
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                                    ret
                                                                                                                                                                                                                                                                                                                                                    push ebp
                                                                                                                                                                                                                                                                                                                                                    mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                    push esi
                                                                                                                                                                                                                                                                                                                                                    push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                    mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                    call 00007F56E080280Ah
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [esi], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                                    mov eax, esi
                                                                                                                                                                                                                                                                                                                                                    pop esi
                                                                                                                                                                                                                                                                                                                                                    pop ebp
                                                                                                                                                                                                                                                                                                                                                    retn 0004h
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    mov eax, ecx
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx+04h], 0049FE14h
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                                    ret
                                                                                                                                                                                                                                                                                                                                                    push ebp
                                                                                                                                                                                                                                                                                                                                                    mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                    push esi
                                                                                                                                                                                                                                                                                                                                                    mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                    lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [eax], 00000000h
                                                                                                                                                                                                                                                                                                                                                    and dword ptr [eax+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                    push eax
                                                                                                                                                                                                                                                                                                                                                    mov eax, dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                    add eax, 04h
                                                                                                                                                                                                                                                                                                                                                    push eax
                                                                                                                                                                                                                                                                                                                                                    call 00007F56E08053FDh
                                                                                                                                                                                                                                                                                                                                                    pop ecx
                                                                                                                                                                                                                                                                                                                                                    pop ecx
                                                                                                                                                                                                                                                                                                                                                    mov eax, esi
                                                                                                                                                                                                                                                                                                                                                    pop esi
                                                                                                                                                                                                                                                                                                                                                    pop ebp
                                                                                                                                                                                                                                                                                                                                                    retn 0004h
                                                                                                                                                                                                                                                                                                                                                    lea eax, dword ptr [ecx+04h]
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [ecx], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                    push eax
                                                                                                                                                                                                                                                                                                                                                    call 00007F56E0805448h
                                                                                                                                                                                                                                                                                                                                                    pop ecx
                                                                                                                                                                                                                                                                                                                                                    ret
                                                                                                                                                                                                                                                                                                                                                    push ebp
                                                                                                                                                                                                                                                                                                                                                    mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                    push esi
                                                                                                                                                                                                                                                                                                                                                    mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                    lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                                    mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                    push eax
                                                                                                                                                                                                                                                                                                                                                    call 00007F56E0805431h
                                                                                                                                                                                                                                                                                                                                                    test byte ptr [ebp+08h], 00000001h
                                                                                                                                                                                                                                                                                                                                                    pop ecx

                                                                                                                                                                                                                                                                                                                                                    Rich Headers

                                                                                                                                                                                                                                                                                                                                                    Programming Language:
                                                                                                                                                                                                                                                                                                                                                    • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                                                                                    • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                                                                                                                                    Data Directories

                                                                                                                                                                                                                                                                                                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0xc8e640x17c.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0xd40000x1529c.rsrc
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0xea0000x7594.reloc
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0xb0ff00x1c.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_TLS0xc34000x18.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xb10100x40.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x9c0000x894.rdata
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                                    Sections

                                                                                                                                                                                                                                                                                                                                                    NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                                    .text0x10000x9ab1d0x9ac000a1473f3064dcbc32ef93c5c8a90f3a6False0.565500681542811data6.668273581389308IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                    .rdata0x9c0000x2fb820x2fc00c9cf2468b60bf4f80f136ed54b3989fbFalse0.35289185209424084data5.691811547483722IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                    .data0xcc0000x706c0x480053b9025d545d65e23295e30afdbd16d9False0.04356553819444445DOS executable (block device driver @\273\)0.5846666986982398IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                                    .rsrc0xd40000x1529c0x15400641e646e9fbea6924795afc19af3efcbFalse0.686328125data7.1151258032034805IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                    .reloc0xea0000x75940x7600c68ee8931a32d45eb82dc450ee40efc3False0.7628111758474576data6.7972128181359786IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                                    Resources

                                                                                                                                                                                                                                                                                                                                                    NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd45f00x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd47180x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd48400x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd49680x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd4c500x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishGreat Britain0.5
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd4d780xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishGreat Britain0.2835820895522388
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd5c200x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishGreat Britain0.37906137184115524
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd64c80x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishGreat Britain0.23699421965317918
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd6a300x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishGreat Britain0.13858921161825727
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xd8fd80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishGreat Britain0.25070356472795496
                                                                                                                                                                                                                                                                                                                                                    RT_ICON0xda0800x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishGreat Britain0.3173758865248227
                                                                                                                                                                                                                                                                                                                                                    RT_MENU0xda4e80x50dataEnglishGreat Britain0.9
                                                                                                                                                                                                                                                                                                                                                    RT_DIALOG0xda5380xfcdataEnglishGreat Britain0.6507936507936508
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xda6340x594dataEnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdabc80x68adataEnglishGreat Britain0.2735961768219833
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdb2540x490dataEnglishGreat Britain0.3715753424657534
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdb6e40x5fcdataEnglishGreat Britain0.3087467362924282
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdbce00x65cdataEnglishGreat Britain0.34336609336609336
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdc33c0x466dataEnglishGreat Britain0.3605683836589698
                                                                                                                                                                                                                                                                                                                                                    RT_STRING0xdc7a40x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishGreat Britain0.502906976744186
                                                                                                                                                                                                                                                                                                                                                    RT_RCDATA0xdc8fc0xc420data1.0005178457616317
                                                                                                                                                                                                                                                                                                                                                    RT_GROUP_ICON0xe8d1c0x76dataEnglishGreat Britain0.6610169491525424
                                                                                                                                                                                                                                                                                                                                                    RT_GROUP_ICON0xe8d940x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                                    RT_GROUP_ICON0xe8da80x14dataEnglishGreat Britain1.15
                                                                                                                                                                                                                                                                                                                                                    RT_GROUP_ICON0xe8dbc0x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                                    RT_VERSION0xe8dd00xdcdataEnglishGreat Britain0.6181818181818182
                                                                                                                                                                                                                                                                                                                                                    RT_MANIFEST0xe8eac0x3efASCII text, with CRLF line terminatorsEnglishGreat Britain0.5074478649453823

                                                                                                                                                                                                                                                                                                                                                    Imports

                                                                                                                                                                                                                                                                                                                                                    DLLImport
                                                                                                                                                                                                                                                                                                                                                    WSOCK32.dllgethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect
                                                                                                                                                                                                                                                                                                                                                    VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
                                                                                                                                                                                                                                                                                                                                                    WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                                                                                                                                                                                                                                                                                                                    COMCTL32.dllImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create
                                                                                                                                                                                                                                                                                                                                                    MPR.dllWNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W
                                                                                                                                                                                                                                                                                                                                                    WININET.dllHttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable
                                                                                                                                                                                                                                                                                                                                                    PSAPI.DLLGetProcessMemoryInfo
                                                                                                                                                                                                                                                                                                                                                    IPHLPAPI.DLLIcmpSendEcho, IcmpCloseHandle, IcmpCreateFile
                                                                                                                                                                                                                                                                                                                                                    USERENV.dllDestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile
                                                                                                                                                                                                                                                                                                                                                    UxTheme.dllIsThemeActive
                                                                                                                                                                                                                                                                                                                                                    KERNEL32.dllDuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW
                                                                                                                                                                                                                                                                                                                                                    USER32.dllGetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient
                                                                                                                                                                                                                                                                                                                                                    GDI32.dllEndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath
                                                                                                                                                                                                                                                                                                                                                    COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                                                                                                                                                                                                                                                                                                                    ADVAPI32.dllGetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW
                                                                                                                                                                                                                                                                                                                                                    SHELL32.dllDragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW
                                                                                                                                                                                                                                                                                                                                                    ole32.dllCoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket
                                                                                                                                                                                                                                                                                                                                                    OLEAUT32.dllCreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture

                                                                                                                                                                                                                                                                                                                                                    Version Infos

                                                                                                                                                                                                                                                                                                                                                    DescriptionData
                                                                                                                                                                                                                                                                                                                                                    Translation0x0809 0x04b0

                                                                                                                                                                                                                                                                                                                                                    Possible Origin

                                                                                                                                                                                                                                                                                                                                                    Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                                                    EnglishGreat Britain

                                                                                                                                                                                                                                                                                                                                                    Network Behavior

                                                                                                                                                                                                                                                                                                                                                    Network Port Distribution

                                                                                                                                                                                                                                                                                                                                                    TCP Packets

                                                                                                                                                                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.068209887 CET49723443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.068248034 CET4434972335.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.071707964 CET49723443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.076045990 CET49723443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.076073885 CET4434972335.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.536772013 CET4434972335.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.537061930 CET49723443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.546181917 CET49723443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.546189070 CET4434972335.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.546379089 CET49723443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.546569109 CET4434972335.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.546698093 CET49723443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.413353920 CET49726443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.413391113 CET44349726142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.415832996 CET49726443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.420567989 CET49726443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.420598984 CET44349726142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.433237076 CET49727443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.433280945 CET44349727142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.443941116 CET49727443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.445806980 CET49727443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.445820093 CET44349727142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.468132019 CET4972880192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.472884893 CET804972834.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.472975016 CET4972880192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.473130941 CET4972880192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.477760077 CET804972834.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.938925982 CET804972834.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.960084915 CET49729443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.960148096 CET4434972934.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.967732906 CET49729443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.969405890 CET49729443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.969419956 CET4434972934.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.990185976 CET4972880192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.061486006 CET44349726142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.062182903 CET44349726142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.062650919 CET49726443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.062983036 CET49726443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.062990904 CET44349726142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.100656033 CET44349727142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.100672007 CET44349727142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.100724936 CET49727443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.101685047 CET44349727142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.102144003 CET49727443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.102158070 CET44349727142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.106122017 CET49726443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.143964052 CET49727443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.435981035 CET4434972934.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.435996056 CET4434972934.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.442200899 CET49729443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.752295971 CET49726443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.752321959 CET44349726142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.752335072 CET49726443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.752646923 CET44349726142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.754729986 CET49727443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.754751921 CET44349727142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.754847050 CET49727443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.755029917 CET44349727142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.755225897 CET49731443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.755268097 CET44349731142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.755366087 CET49727443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.755388975 CET49731443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.755404949 CET49726443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.756972075 CET49731443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.757005930 CET44349731142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.760504007 CET49729443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.760515928 CET4434972934.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.760627985 CET49729443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.760731936 CET4434972934.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.761091948 CET49732443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.761117935 CET4434973234.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.763037920 CET49729443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.763155937 CET49732443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.765171051 CET49732443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.765185118 CET4434973234.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.765439034 CET49733443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.765456915 CET4434973334.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.766242981 CET49733443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.767555952 CET49733443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.767565966 CET4434973334.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.768600941 CET4973480192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.773272991 CET804973434.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.773401022 CET4973480192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.773475885 CET4973480192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.777849913 CET49735443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.777880907 CET4434973535.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.778148890 CET804973434.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.778726101 CET49735443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.778810978 CET49735443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.778825045 CET4434973535.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.906336069 CET49736443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.906363964 CET4434973634.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.906696081 CET49736443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.906833887 CET49736443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.906847000 CET4434973634.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.238481045 CET4434973234.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.238599062 CET49732443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.239082098 CET804973434.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.239283085 CET4434973535.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.239429951 CET49735443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.244050980 CET49735443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.244061947 CET4434973535.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.244293928 CET4434973334.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.244359970 CET4434973535.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.244896889 CET49733443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.249397993 CET49732443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.249412060 CET4434973234.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.249469042 CET49732443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.249607086 CET4434973234.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.249609947 CET49735443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.249679089 CET49735443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.249778986 CET4434973535.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.249838114 CET49732443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.249991894 CET49735443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.250690937 CET49733443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.250710964 CET4434973334.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.250797987 CET49733443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.250861883 CET4434973334.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.250914097 CET49733443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.251190901 CET49737443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.251243114 CET4434973734.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.255275011 CET49737443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.256681919 CET49737443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.256701946 CET4434973734.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.288048029 CET4973480192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.392347097 CET44349731142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.393047094 CET44349731142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.398771048 CET49731443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.398798943 CET44349731142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.403763056 CET49731443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.403801918 CET44349731142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.403851032 CET49731443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.403944969 CET44349731142.250.185.110192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.403999090 CET49731443192.168.2.4142.250.185.110
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.421847105 CET4434973634.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.421926022 CET49736443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.509172916 CET49736443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.509192944 CET4434973634.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.509543896 CET4434973634.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.510274887 CET4973480192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.510313034 CET4972880192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.512366056 CET49736443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.512476921 CET49736443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.512558937 CET4434973634.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.512908936 CET49738443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.512943983 CET4434973834.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.515223026 CET804973434.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.515331984 CET804972834.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.515942097 CET49736443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.515964031 CET4973480192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.515989065 CET4972880192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.516084909 CET49738443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.516148090 CET49738443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.516158104 CET4434973834.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.562959909 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.567679882 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.569114923 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.569282055 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.573906898 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.834023952 CET4434973734.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.834103107 CET49737443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.838913918 CET49737443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.838928938 CET4434973734.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.839003086 CET49737443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.839101076 CET4434973734.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.839179039 CET49737443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.979249001 CET4434973834.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.979322910 CET49738443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.982765913 CET49738443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.982774973 CET4434973834.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.983011961 CET4434973834.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.984937906 CET49738443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.985043049 CET49738443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.985099077 CET4434973834.160.144.191192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.987184048 CET49738443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.987184048 CET49738443192.168.2.434.160.144.191
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.017286062 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.050916910 CET49740443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.050962925 CET4434974034.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.052263975 CET49740443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.056340933 CET49740443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.056354046 CET4434974034.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.059209108 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.118568897 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.119231939 CET4974180192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.123298883 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.123894930 CET804974134.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.128273010 CET4974180192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.128680944 CET4974180192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.133311987 CET804974134.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.214576960 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.230731964 CET4974180192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.259783983 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.278527021 CET804974134.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.436728001 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.441617966 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.444061995 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.444243908 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.449002981 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.487047911 CET804974134.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.488439083 CET4974180192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.517827034 CET4434974034.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.518418074 CET49740443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.522387028 CET49740443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.522397041 CET4434974034.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.522486925 CET49740443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.522603989 CET4434974034.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.522802114 CET49744443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.522830963 CET4434974434.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.522952080 CET49744443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.522974968 CET49740443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.524439096 CET49744443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.524452925 CET4434974434.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.756622076 CET49745443192.168.2.452.24.225.206
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.756683111 CET4434974552.24.225.206192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.757307053 CET49745443192.168.2.452.24.225.206
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.758780956 CET49745443192.168.2.452.24.225.206
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.758795023 CET4434974552.24.225.206192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.889838934 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.951778889 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.989275932 CET4434974434.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.992149115 CET49744443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.075103998 CET49744443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.075130939 CET4434974434.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.075223923 CET49744443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.075356007 CET4434974434.117.188.166192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.075784922 CET49744443192.168.2.434.117.188.166
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.503724098 CET4434974552.24.225.206192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.508328915 CET4434974552.24.225.206192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.512702942 CET49745443192.168.2.452.24.225.206
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.517081976 CET49745443192.168.2.452.24.225.206
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.517095089 CET4434974552.24.225.206192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.517220974 CET49745443192.168.2.452.24.225.206
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.517299891 CET4434974552.24.225.206192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.517441988 CET49745443192.168.2.452.24.225.206
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.579169989 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.583834887 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.587455034 CET49748443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.587486982 CET4434974835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.588324070 CET49748443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.588478088 CET49748443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.588489056 CET4434974835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.674240112 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.722836018 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.788064957 CET49749443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.788091898 CET4434974934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.791984081 CET49749443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.794101000 CET49749443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.794122934 CET4434974934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.985647917 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.988002062 CET49750443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.988061905 CET4434975034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.990396976 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.991619110 CET49750443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.993721962 CET49750443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.993740082 CET4434975034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.999011040 CET49751443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.999025106 CET4434975134.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.999169111 CET49751443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.000534058 CET49751443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.000545025 CET4434975134.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.061393976 CET4434974835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.061616898 CET49748443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.065453053 CET49748443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.065464973 CET4434974835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.065707922 CET4434974835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.067934036 CET49748443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.067969084 CET49748443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.068085909 CET4434974835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.069272041 CET49748443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.080219984 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.123089075 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.251822948 CET4434974934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.251920938 CET49749443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.257782936 CET49749443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.257793903 CET4434974934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.257895947 CET49749443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.257957935 CET4434974934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.258125067 CET49749443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.453493118 CET4434975034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.467742920 CET4434975134.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.468338013 CET4434975034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.468863010 CET49750443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.475980997 CET49750443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.475996971 CET4434975034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.476079941 CET49750443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.476238966 CET4434975034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.476332903 CET4434975134.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.476370096 CET49750443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.476386070 CET49750443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.476402044 CET49751443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.480998993 CET49751443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.481013060 CET4434975134.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.481096983 CET49751443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.481328964 CET49751443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.481523037 CET4434975134.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.482178926 CET49751443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.790811062 CET49753443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.790847063 CET4434975334.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.793948889 CET49753443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.795469046 CET49753443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.795485020 CET4434975334.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.963778019 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.968539000 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.981434107 CET49754443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.981467962 CET4434975434.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.990286112 CET49754443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.991900921 CET49754443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.991916895 CET4434975434.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.059079885 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.106153011 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.183356047 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.188112974 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.250323057 CET4434975334.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.250428915 CET49753443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.255498886 CET49753443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.255508900 CET4434975334.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.255615950 CET49753443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.255687952 CET4434975334.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.255768061 CET49753443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.277976036 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.321403027 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.446561098 CET4434975434.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.446578979 CET4434975434.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.447813034 CET49754443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.452754021 CET49754443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.452768087 CET4434975434.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.452853918 CET49754443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.452960014 CET4434975434.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.453291893 CET49754443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.643035889 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.647797108 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.649418116 CET49757443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.649451017 CET4434975734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.649760008 CET49757443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.651251078 CET49757443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.651263952 CET4434975734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.738163948 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.780675888 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.785402060 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.794713974 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.875488997 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.926251888 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.068361998 CET49758443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.068470001 CET4434975834.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.068566084 CET49759443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.068622112 CET4434975934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.069535017 CET49758443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.069638968 CET49759443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.069751978 CET49758443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.069785118 CET4434975834.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.069869041 CET49759443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.069880009 CET4434975934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.106770039 CET4434975734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.106852055 CET49757443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.125812054 CET49757443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.125840902 CET4434975734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.125977993 CET49757443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.126039028 CET4434975734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.126261950 CET49757443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.139514923 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.144319057 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.235057116 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.280510902 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.526256084 CET4434975934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.526321888 CET49759443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.543365002 CET4434975834.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.543446064 CET49758443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.596926928 CET49759443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.596961975 CET4434975934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.597307920 CET4434975934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.599150896 CET49758443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.599172115 CET4434975834.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.599559069 CET4434975834.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.602478027 CET49759443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.602585077 CET49759443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.602679968 CET4434975934.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.602690935 CET49758443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.602756023 CET49758443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.602900982 CET4434975834.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.602905989 CET49759443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.603274107 CET49758443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.766611099 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.771398067 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.862658024 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.875572920 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.880368948 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.916503906 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:29.152475119 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:29.201724052 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:30.132561922 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:30.137379885 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:30.232989073 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:30.273895025 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.614252090 CET49760443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.614303112 CET4434976034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.614449024 CET49760443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.615895033 CET49760443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.615911961 CET4434976034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.084635019 CET4434976034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.085045099 CET49760443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.089881897 CET49760443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.089893103 CET4434976034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.089991093 CET49760443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.090631008 CET4434976034.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.090722084 CET49760443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.093070984 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.097771883 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.189301014 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.192814112 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.198863029 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.248584986 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.287770987 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.342108965 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.217505932 CET49761443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.217540026 CET4434976135.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.218244076 CET49761443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.218667030 CET49761443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.218682051 CET4434976135.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.246022940 CET49762443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.246057034 CET4434976234.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.246558905 CET49762443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.246613979 CET49762443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.246623993 CET4434976234.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.250962973 CET49763443192.168.2.4151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.250994921 CET44349763151.101.193.91192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.251611948 CET49763443192.168.2.4151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.251858950 CET49763443192.168.2.4151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.251868963 CET44349763151.101.193.91192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.294781923 CET49764443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.294827938 CET4434976435.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.301585913 CET49764443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.303258896 CET49764443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.303273916 CET4434976435.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.314718008 CET49765443192.168.2.434.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.314738035 CET4434976534.49.51.44192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.318598986 CET49765443192.168.2.434.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.321698904 CET49765443192.168.2.434.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.321712971 CET4434976534.49.51.44192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.675630093 CET4434976135.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.675730944 CET49761443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.679131031 CET49761443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.679141045 CET4434976135.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.679402113 CET4434976135.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.681500912 CET49761443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.681586027 CET49761443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.681694031 CET4434976135.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.681813002 CET49761443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.686104059 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.690793037 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.705409050 CET4434976234.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.705504894 CET49762443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.708527088 CET49762443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.708534956 CET4434976234.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.708882093 CET4434976234.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.710777044 CET49762443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.710874081 CET49762443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.710967064 CET4434976234.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.711343050 CET49762443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.725825071 CET44349763151.101.193.91192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.725930929 CET49763443192.168.2.4151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.729269981 CET49763443192.168.2.4151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.729284048 CET44349763151.101.193.91192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.729543924 CET44349763151.101.193.91192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.732014894 CET49763443192.168.2.4151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.732096910 CET49763443192.168.2.4151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.732153893 CET44349763151.101.193.91192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.735311985 CET49763443192.168.2.4151.101.193.91
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.740586996 CET49766443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.740617037 CET4434976635.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.740786076 CET49766443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.740930080 CET49766443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.740943909 CET4434976635.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.742711067 CET49767443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.742754936 CET4434976735.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.742986917 CET49767443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.743083954 CET49767443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.743097067 CET4434976735.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.745244980 CET49768443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.745354891 CET4434976835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.745486975 CET49768443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.745660067 CET49768443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.745685101 CET4434976835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.762622118 CET4434976435.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.762634993 CET4434976435.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.762727022 CET49764443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.767195940 CET49764443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.767208099 CET4434976435.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.767268896 CET49764443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.767364979 CET4434976435.190.72.216192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.772027969 CET49764443192.168.2.435.190.72.216
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.781267881 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.787832975 CET4434976534.49.51.44192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.791843891 CET49765443192.168.2.434.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.794653893 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.798737049 CET49765443192.168.2.434.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.798749924 CET4434976534.49.51.44192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.798819065 CET49765443192.168.2.434.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.799051046 CET4434976534.49.51.44192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.799357891 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.799624920 CET49765443192.168.2.434.49.51.44
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.801645041 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.806340933 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.812262058 CET49769443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.812314034 CET4434976934.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.812480927 CET49769443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.812643051 CET49769443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.812661886 CET4434976934.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.889949083 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.896862984 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.899904013 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.904613972 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.951473951 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.996387005 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.051769972 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.194331884 CET4434976635.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.194422007 CET49766443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.197344065 CET49766443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.197355986 CET4434976635.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.197604895 CET4434976635.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.198769093 CET4434976735.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.198854923 CET49767443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.201131105 CET49767443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.201142073 CET4434976735.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.201466084 CET4434976735.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.203058958 CET49766443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.203171015 CET49766443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.203234911 CET4434976635.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.204643011 CET49767443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.204803944 CET49767443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.204854012 CET4434976735.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.205540895 CET49766443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.205557108 CET49767443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.209227085 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.213861942 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.220271111 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.224961996 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.225055933 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.225203037 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.225780964 CET4434976835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.225862980 CET49768443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.228560925 CET49768443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.228589058 CET4434976835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.229538918 CET4434976835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.229867935 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.231551886 CET49768443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.231618881 CET49768443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.231679916 CET4434976835.244.181.201192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.232317924 CET49768443192.168.2.435.244.181.201
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.269170046 CET4434976934.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.269306898 CET49769443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.272789001 CET49769443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.272808075 CET4434976934.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.273044109 CET4434976934.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.275717974 CET49769443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.275795937 CET49769443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.275883913 CET4434976934.149.100.209192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.276674032 CET49769443192.168.2.434.149.100.209
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.304426908 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.308202982 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.312890053 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.352663994 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.403007984 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.452953100 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.841662884 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.841684103 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.841702938 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.843241930 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.843255997 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.843267918 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.843466997 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.845782042 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.845793962 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.845803976 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.848464966 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.849025011 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.849061012 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.850958109 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.850980997 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.851070881 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.851080894 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.853425026 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.853941917 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.930341005 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.930360079 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.930372953 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.930413008 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.930425882 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.930437088 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.930437088 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.930705070 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.931737900 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.931750059 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.931761026 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.931793928 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.931809902 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.931891918 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.931991100 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.932024956 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.932210922 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.934381962 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.934393883 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.934405088 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.934458017 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.934576988 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.934587955 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.934597969 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.934650898 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.937123060 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.937139988 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.937150002 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.937160015 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.937170982 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.937194109 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.937274933 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.939472914 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.939493895 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.939534903 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.939605951 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.939615965 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.939626932 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.939637899 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.939665079 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.939697027 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024209976 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024245977 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024255991 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024267912 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024280071 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024291992 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024338007 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024369955 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024379015 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024389982 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024400949 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024410009 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024420023 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024430990 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024466038 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024496078 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024506092 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024512053 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024568081 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024578094 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024588108 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.024790049 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.025584936 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.025598049 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.025608063 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.025618076 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.025629997 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.025643110 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.025664091 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.025774002 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.026473045 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.026487112 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.026506901 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.026516914 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.026527882 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.026536942 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.026643038 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.027446985 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.027461052 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.027472973 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.027482033 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.027493000 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.027503967 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.027513981 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.027549028 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.028094053 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.028146029 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.028160095 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.028172016 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.028182983 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.028239012 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030109882 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030124903 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030134916 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030145884 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030155897 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030167103 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030173063 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030179977 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030214071 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030294895 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030441999 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030452967 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030463934 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.030497074 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.070350885 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118351936 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118379116 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118390083 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118400097 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118412018 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118421078 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118446112 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118458033 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118469000 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118546963 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118562937 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118575096 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118590117 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118601084 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118604898 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118765116 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118788004 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118798971 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118808985 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118858099 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118872881 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118885040 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118896008 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118906975 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.118974924 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119014025 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119025946 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119036913 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119049072 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119060040 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119070053 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119082928 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119087934 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119292021 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119779110 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119788885 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119801044 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119822025 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119832993 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119842052 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119843006 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119857073 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119868040 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119887114 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119967937 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119978905 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119990110 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.119996071 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120006084 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120016098 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120026112 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120033979 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120291948 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120716095 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120733023 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120745897 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120785952 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120796919 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120810032 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120820999 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120836020 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.120940924 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121002913 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121015072 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121031046 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121041059 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121052027 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121062040 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121071100 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121085882 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121159077 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121658087 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121678114 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121689081 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121747017 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121757984 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121772051 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121773005 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121836901 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121869087 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121879101 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121896982 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121908903 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121918917 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121925116 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.121926069 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122004032 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122014046 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122025013 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122107983 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122663021 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122678041 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122688055 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122699022 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122710943 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122719049 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122723103 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122735023 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.122802019 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.145451069 CET49771443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.145490885 CET4434977134.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.145936966 CET49771443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.147461891 CET49771443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.147475004 CET4434977134.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.160531998 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.160542965 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.160553932 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.160609007 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201359987 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201375008 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201386929 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201397896 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201487064 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201517105 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201529026 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201539040 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201550007 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201564074 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.201653957 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202104092 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202122927 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202133894 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202145100 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202157021 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202167034 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202177048 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202178955 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202188015 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202199936 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202209949 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202220917 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202230930 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202249050 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202260017 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202270985 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202299118 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202357054 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202742100 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202754021 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202769041 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202779055 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202790022 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202801943 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202805996 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202891111 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202903986 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202914000 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202924967 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202927113 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202935934 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202944040 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.202945948 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203016996 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203051090 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203063011 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203074932 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203123093 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203537941 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203547955 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203553915 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203560114 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203569889 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203581095 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203591108 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203600883 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203612089 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203614950 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203624964 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203636885 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203646898 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203656912 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203675032 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203685045 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203695059 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203710079 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203713894 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.203804970 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204191923 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204202890 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204214096 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204225063 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204235077 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204351902 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204364061 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204375029 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204768896 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.204895973 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.205297947 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207618952 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207628012 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207633972 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207644939 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207653999 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207664013 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207700014 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207779884 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207791090 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207801104 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207811117 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207819939 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207829952 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207839012 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207848072 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207856894 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207865953 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.207935095 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208376884 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208394051 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208403111 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208411932 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208421946 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208431005 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208441019 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208450079 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208461046 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208470106 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208479881 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208488941 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208544970 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208555937 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208566904 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208758116 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.208997965 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209090948 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209101915 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209110975 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209120989 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209131956 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209141016 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209151030 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209158897 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209171057 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209181070 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209192038 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209192038 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209224939 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209233999 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209244013 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209249973 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.209297895 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290394068 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290405989 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290422916 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290498972 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290530920 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290539980 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290549994 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290720940 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290731907 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.290878057 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291049004 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291064024 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291074991 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291084051 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291100025 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291111946 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291224003 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291234016 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291244030 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291258097 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291270018 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291280985 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291291952 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291302919 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291312933 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291322947 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291335106 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291347027 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291367054 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291376114 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291388035 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291395903 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291790009 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291949034 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291959047 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291969061 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291979074 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291989088 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.291997910 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292010069 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292020082 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292028904 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292038918 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292048931 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292057991 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292068958 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292121887 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292131901 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292140961 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292150021 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292160034 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292170048 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292184114 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292193890 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292203903 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292216063 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292226076 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292236090 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292296886 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292406082 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292512894 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292582035 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292649984 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292761087 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292769909 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292781115 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292789936 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292804003 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292814016 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292824984 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292834044 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292844057 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292853117 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292865038 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292875051 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292954922 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.292999983 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293342113 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293351889 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293356895 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293363094 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293401957 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293473005 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293483019 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293492079 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293497086 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293502092 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293508053 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293510914 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293519974 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293526888 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293535948 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293740988 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.293766975 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294092894 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294104099 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294115067 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294123888 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294133902 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294142008 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294153929 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294158936 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294163942 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294174910 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294184923 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294194937 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.294312000 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.295805931 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.295815945 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.295823097 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.295826912 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.295833111 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.295964003 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296039104 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296333075 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296514034 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296529055 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296539068 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296551943 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296561003 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296571016 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296581030 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296591043 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296591997 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296601057 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296611071 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296618938 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296629906 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296641111 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296649933 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296705008 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.296811104 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.622452021 CET4434977134.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.622570992 CET49771443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.627363920 CET49771443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.627374887 CET4434977134.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.627490997 CET49771443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.627559900 CET4434977134.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.628746033 CET49771443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.630747080 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.635447025 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.730087996 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.733211040 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.737935066 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.772411108 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.829135895 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.872698069 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.079976082 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.085438967 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.175879002 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.179317951 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.184052944 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.217397928 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.274313927 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.320478916 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:52.299721956 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:52.304524899 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:55.177021980 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:55.181893110 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:55.277173042 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:55.281810045 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.313234091 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.317949057 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.641338110 CET49774443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.641376019 CET4434977434.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.641597033 CET49774443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.643125057 CET49774443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.643141031 CET4434977434.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.099963903 CET4434977434.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.100043058 CET49774443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.105489969 CET49774443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.105503082 CET4434977434.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.105628967 CET49774443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.105647087 CET4434977434.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.105910063 CET49774443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.108836889 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.113553047 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.210932016 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.214492083 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.219219923 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.268948078 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.309071064 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.369232893 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.827493906 CET49775443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.827545881 CET4434977534.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.828672886 CET49776443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.828785896 CET4434977634.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.830001116 CET49777443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.830039978 CET4434977734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.831726074 CET49775443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.831736088 CET49776443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.831876040 CET49775443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.831876040 CET49777443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.831892967 CET4434977534.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.832048893 CET49776443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.832103014 CET4434977634.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.832148075 CET49777443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.832164049 CET4434977734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.286603928 CET4434977634.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.286715031 CET49776443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.290128946 CET49776443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.290144920 CET4434977634.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.290277958 CET4434977534.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.290451050 CET49775443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.290493011 CET4434977634.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.292911053 CET49775443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.292929888 CET4434977534.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.293261051 CET4434977534.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.295387983 CET49776443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.295510054 CET49776443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.295619011 CET4434977634.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.296391010 CET49775443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.296458006 CET49775443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.296591997 CET4434977534.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.299484968 CET49775443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.299501896 CET49776443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.299510002 CET49775443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.301561117 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.306248903 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.316759109 CET4434977734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.317012072 CET49777443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.320138931 CET49777443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.320159912 CET4434977734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.320518017 CET4434977734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.322746992 CET49777443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.322868109 CET49777443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.322932005 CET4434977734.120.208.123192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.323461056 CET49777443192.168.2.434.120.208.123
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.396697998 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.400125980 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.404870033 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.450617075 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.495630026 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.550899982 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:12.335861921 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:12.340612888 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:20.406141996 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:20.410876036 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:20.506297112 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:20.511297941 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:22.349395037 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:22.355354071 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:30.432104111 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:30.436842918 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:30.516782999 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:30.521640062 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:32.369203091 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:32.374039888 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:40.444732904 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:40.449604988 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:40.529386997 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:40.534322023 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:42.381551981 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:42.386502028 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.131371975 CET49778443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.131412029 CET4434977834.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.136980057 CET49778443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.146461964 CET49778443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.146473885 CET4434977834.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.600416899 CET4434977834.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.600578070 CET49778443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.606463909 CET49778443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.606473923 CET4434977834.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.606498957 CET49778443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.606712103 CET4434977834.107.243.93192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.607585907 CET49778443192.168.2.434.107.243.93
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.609534025 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.614286900 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.704746008 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.708511114 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.713181019 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.754040956 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.804124117 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.854231119 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:52.394328117 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:52.399082899 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:53.713778973 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:53.718437910 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:53.813644886 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:53.818377972 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:02.407865047 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:02.439120054 CET80497702.22.61.59192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:03.727372885 CET4973980192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:03.732234001 CET804973934.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:03.827620983 CET4974280192.168.2.434.107.221.82
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:03.832473993 CET804974234.107.221.82192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:12.443130016 CET4977080192.168.2.42.22.61.59
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:12.447963953 CET80497702.22.61.59192.168.2.4

                                                                                                                                                                                                                                                                                                                                                    UDP Packets

                                                                                                                                                                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.068212986 CET5237353192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.076234102 CET53523731.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.088263988 CET6120753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.094959021 CET53612071.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.393783092 CET5347153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.401364088 CET53534711.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.405217886 CET5498453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.410692930 CET5009153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.411741972 CET53549841.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.417464018 CET53500911.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.459373951 CET6054153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.461786985 CET5954553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.466062069 CET53605411.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.468405962 CET53595451.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.471330881 CET5930053192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.478759050 CET53593001.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.951982021 CET5121853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.958671093 CET53512181.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.960994005 CET5993053192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.968060970 CET53599301.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.969706059 CET5249153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.976413965 CET53524911.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.987124920 CET5976153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.987622023 CET5593553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.993813992 CET53597611.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.994282961 CET53559351.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.750020981 CET5961753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.758167982 CET53596171.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.758780003 CET4974353192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.765532970 CET53497431.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.768381119 CET5194453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.775415897 CET53519441.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.777023077 CET5847353192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.778582096 CET6009753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.784193993 CET53584731.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.785375118 CET53600971.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.787111044 CET5181153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.794001102 CET53518111.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.895402908 CET6189353192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.905384064 CET53618931.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.906544924 CET5920353192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.917088985 CET53592031.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.917680979 CET6108553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.929549932 CET53610851.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.736109972 CET4928853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.744024038 CET53492881.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.757200003 CET5504053192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.766879082 CET53550401.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.103607893 CET5333253192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.111468077 CET53533321.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.573873997 CET5525953192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.576838970 CET5394453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.580528975 CET53552591.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.584368944 CET53539441.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.587424994 CET5008453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.588181973 CET5320353192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.594820976 CET53532031.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.595710993 CET53500841.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.595877886 CET6046953192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.596646070 CET5733653192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.602402925 CET53604691.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.604058981 CET53573361.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.788805962 CET6345853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.796020031 CET53634581.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.811611891 CET5260953192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.819576979 CET53526091.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.988853931 CET6354153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.996027946 CET53635411.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.999056101 CET5186553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.005714893 CET53518651.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.008136988 CET6392653192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.014823914 CET53639261.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.649337053 CET5224153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.656332016 CET53522411.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.613843918 CET6266953192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.621603012 CET53626691.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.703372955 CET5050653192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.710000038 CET53505061.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.196599960 CET6210353192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.196650028 CET5876453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.197004080 CET6302153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203627110 CET53587641.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET53621031.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203705072 CET53630211.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.204281092 CET6468853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.204543114 CET5185053192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.204777002 CET5392053192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET53518501.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211374044 CET53646881.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211420059 CET53539201.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211858034 CET5514853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.212358952 CET6317753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.212615967 CET5209053192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.218427896 CET53551481.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.219032049 CET6491253192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.221061945 CET53631771.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.221761942 CET6203253192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.222373009 CET53520901.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.227744102 CET53649121.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.228360891 CET6447653192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.230031967 CET53620321.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.230767965 CET5069253192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.236687899 CET53644761.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.237575054 CET5370553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.238399982 CET53506921.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.238828897 CET6361853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.246114016 CET53537051.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.247374058 CET53636181.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.242340088 CET5903053192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.249838114 CET53590301.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.251557112 CET5992053192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.259133101 CET53599201.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.259846926 CET6087253192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.267169952 CET53608721.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.300029993 CET5606553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.307038069 CET53560651.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.315454006 CET5633153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.322279930 CET53563311.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.324536085 CET6193553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.331856966 CET53619351.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.686227083 CET6076753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.693337917 CET53607671.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.210115910 CET6348053192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.216984987 CET53634801.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.220609903 CET6421853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.229676008 CET53642181.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.230209112 CET5185153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.239198923 CET53518511.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.145876884 CET5746253192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.152646065 CET53574621.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.080369949 CET5617553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.088967085 CET53561751.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.632211924 CET6295653192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.640446901 CET53629561.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.641366005 CET6263453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.648011923 CET53626341.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.810409069 CET6501853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.817713022 CET53650181.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.121021032 CET6491653192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.128576040 CET53649161.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.129968882 CET5595753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.137087107 CET53559571.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.610634089 CET5511353192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.618506908 CET53551131.1.1.1192.168.2.4

                                                                                                                                                                                                                                                                                                                                                    DNS Queries

                                                                                                                                                                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.068212986 CET192.168.2.41.1.1.10x85cStandard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.088263988 CET192.168.2.41.1.1.10x6802Standard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.393783092 CET192.168.2.41.1.1.10x1847Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.405217886 CET192.168.2.41.1.1.10xc09dStandard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.410692930 CET192.168.2.41.1.1.10x206bStandard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.459373951 CET192.168.2.41.1.1.10x6963Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.461786985 CET192.168.2.41.1.1.10x55ceStandard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.471330881 CET192.168.2.41.1.1.10xfa26Standard query (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.951982021 CET192.168.2.41.1.1.10x8172Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.960994005 CET192.168.2.41.1.1.10x7860Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.969706059 CET192.168.2.41.1.1.10x9454Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.987124920 CET192.168.2.41.1.1.10xa8eaStandard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.987622023 CET192.168.2.41.1.1.10x8a72Standard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.750020981 CET192.168.2.41.1.1.10x5f85Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.758780003 CET192.168.2.41.1.1.10x1507Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.768381119 CET192.168.2.41.1.1.10xb787Standard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.777023077 CET192.168.2.41.1.1.10x37c3Standard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.778582096 CET192.168.2.41.1.1.10x6fbdStandard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.787111044 CET192.168.2.41.1.1.10x4738Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.895402908 CET192.168.2.41.1.1.10x66acStandard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.906544924 CET192.168.2.41.1.1.10x723fStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.917680979 CET192.168.2.41.1.1.10xbc1bStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.736109972 CET192.168.2.41.1.1.10x2cb8Standard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.757200003 CET192.168.2.41.1.1.10xaa4dStandard query (0)shavar.prod.mozaws.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:17.103607893 CET192.168.2.41.1.1.10xc6a6Standard query (0)shavar.prod.mozaws.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.573873997 CET192.168.2.41.1.1.10xd603Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.576838970 CET192.168.2.41.1.1.10x110dStandard query (0)support.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.587424994 CET192.168.2.41.1.1.10x4b6Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.588181973 CET192.168.2.41.1.1.10x8a30Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.595877886 CET192.168.2.41.1.1.10x70c8Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.596646070 CET192.168.2.41.1.1.10x2f86Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.788805962 CET192.168.2.41.1.1.10xcb68Standard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.811611891 CET192.168.2.41.1.1.10xb6fStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.988853931 CET192.168.2.41.1.1.10x87eeStandard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.999056101 CET192.168.2.41.1.1.10x12f6Standard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.008136988 CET192.168.2.41.1.1.10xbf2eStandard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.649337053 CET192.168.2.41.1.1.10xb0b8Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.613843918 CET192.168.2.41.1.1.10x7995Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.703372955 CET192.168.2.41.1.1.10x4b84Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.196599960 CET192.168.2.41.1.1.10xb64Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.196650028 CET192.168.2.41.1.1.10x59afStandard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.197004080 CET192.168.2.41.1.1.10x921cStandard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.204281092 CET192.168.2.41.1.1.10x251bStandard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.204543114 CET192.168.2.41.1.1.10x607Standard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.204777002 CET192.168.2.41.1.1.10x6f66Standard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211858034 CET192.168.2.41.1.1.10xd8b4Standard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.212358952 CET192.168.2.41.1.1.10xff16Standard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.212615967 CET192.168.2.41.1.1.10x4650Standard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.219032049 CET192.168.2.41.1.1.10x2195Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.221761942 CET192.168.2.41.1.1.10x6ce5Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.228360891 CET192.168.2.41.1.1.10xeadcStandard query (0)dualstack.reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.230767965 CET192.168.2.41.1.1.10xab36Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.237575054 CET192.168.2.41.1.1.10x59deStandard query (0)dualstack.reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.238828897 CET192.168.2.41.1.1.10x2e98Standard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.242340088 CET192.168.2.41.1.1.10xe56bStandard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.251557112 CET192.168.2.41.1.1.10xe2a0Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.259846926 CET192.168.2.41.1.1.10x6042Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.300029993 CET192.168.2.41.1.1.10x6a5eStandard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.315454006 CET192.168.2.41.1.1.10x41ddStandard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.324536085 CET192.168.2.41.1.1.10xadbaStandard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.686227083 CET192.168.2.41.1.1.10x71ddStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.210115910 CET192.168.2.41.1.1.10x5edaStandard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.220609903 CET192.168.2.41.1.1.10xb5edStandard query (0)a19.dscg10.akamai.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.230209112 CET192.168.2.41.1.1.10xe7c1Standard query (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.145876884 CET192.168.2.41.1.1.10xc6edStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.080369949 CET192.168.2.41.1.1.10x8c71Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.632211924 CET192.168.2.41.1.1.10xf2a9Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.641366005 CET192.168.2.41.1.1.10x9a63Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.810409069 CET192.168.2.41.1.1.10x58e0Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.121021032 CET192.168.2.41.1.1.10xf625Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.129968882 CET192.168.2.41.1.1.10x8a3cStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.610634089 CET192.168.2.41.1.1.10xd0b9Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                    DNS Answers

                                                                                                                                                                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.058629036 CET1.1.1.1192.168.2.40x354bNo error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:11.076234102 CET1.1.1.1192.168.2.40x85cNo error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.401364088 CET1.1.1.1192.168.2.40x1847No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.401364088 CET1.1.1.1192.168.2.40x1847No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.401364088 CET1.1.1.1192.168.2.40x1847No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.411741972 CET1.1.1.1192.168.2.40xc09dNo error (0)youtube.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.417464018 CET1.1.1.1192.168.2.40x206bNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.466062069 CET1.1.1.1192.168.2.40x6963No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.468405962 CET1.1.1.1192.168.2.40x55ceNo error (0)youtube.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.478759050 CET1.1.1.1192.168.2.40xfa26No error (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.958671093 CET1.1.1.1192.168.2.40x8172No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.968060970 CET1.1.1.1192.168.2.40x7860No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.993813992 CET1.1.1.1192.168.2.40xa8eaNo error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.993813992 CET1.1.1.1192.168.2.40xa8eaNo error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.993813992 CET1.1.1.1192.168.2.40xa8eaNo error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.993813992 CET1.1.1.1192.168.2.40xa8eaNo error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.994282961 CET1.1.1.1192.168.2.40x8a72No error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.994282961 CET1.1.1.1192.168.2.40x8a72No error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.758167982 CET1.1.1.1192.168.2.40x5f85No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.758167982 CET1.1.1.1192.168.2.40x5f85No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.765532970 CET1.1.1.1192.168.2.40x1507No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.765532970 CET1.1.1.1192.168.2.40x1507No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.765532970 CET1.1.1.1192.168.2.40x1507No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.775415897 CET1.1.1.1192.168.2.40xb787No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.775427103 CET1.1.1.1192.168.2.40xb93aNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.775427103 CET1.1.1.1192.168.2.40xb93aNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.785375118 CET1.1.1.1192.168.2.40x6fbdNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.794001102 CET1.1.1.1192.168.2.40x4738No error (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.905384064 CET1.1.1.1192.168.2.40x66acNo error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.905384064 CET1.1.1.1192.168.2.40x66acNo error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.905384064 CET1.1.1.1192.168.2.40x66acNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.917088985 CET1.1.1.1192.168.2.40x723fNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.929549932 CET1.1.1.1192.168.2.40xbc1bNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.744024038 CET1.1.1.1192.168.2.40x2cb8No error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.744024038 CET1.1.1.1192.168.2.40x2cb8No error (0)shavar.prod.mozaws.net52.24.225.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.744024038 CET1.1.1.1192.168.2.40x2cb8No error (0)shavar.prod.mozaws.net52.35.142.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.744024038 CET1.1.1.1192.168.2.40x2cb8No error (0)shavar.prod.mozaws.net35.83.47.198A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.766879082 CET1.1.1.1192.168.2.40xaa4dNo error (0)shavar.prod.mozaws.net52.35.142.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.766879082 CET1.1.1.1192.168.2.40xaa4dNo error (0)shavar.prod.mozaws.net52.24.225.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.766879082 CET1.1.1.1192.168.2.40xaa4dNo error (0)shavar.prod.mozaws.net35.83.47.198A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.580528975 CET1.1.1.1192.168.2.40xd603No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.581429005 CET1.1.1.1192.168.2.40x23b1No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.581429005 CET1.1.1.1192.168.2.40x23b1No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.584368944 CET1.1.1.1192.168.2.40x110dNo error (0)support.mozilla.orgprod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.584368944 CET1.1.1.1192.168.2.40x110dNo error (0)prod.sumo.prod.webservices.mozgcp.netus-west1.prod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.584368944 CET1.1.1.1192.168.2.40x110dNo error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.594820976 CET1.1.1.1192.168.2.40x8a30No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.595710993 CET1.1.1.1192.168.2.40x4b6No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.779436111 CET1.1.1.1192.168.2.40xaafNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.796020031 CET1.1.1.1192.168.2.40xcb68No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.996027946 CET1.1.1.1192.168.2.40x87eeNo error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.996027946 CET1.1.1.1192.168.2.40x87eeNo error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.005714893 CET1.1.1.1192.168.2.40x12f6No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.014823914 CET1.1.1.1192.168.2.40xbf2eNo error (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.971199036 CET1.1.1.1192.168.2.40xee0No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:31.621603012 CET1.1.1.1192.168.2.40x7995No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203627110 CET1.1.1.1192.168.2.40x59afNo error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203627110 CET1.1.1.1192.168.2.40x59afNo error (0)star-mini.c10r.facebook.com157.240.253.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com172.217.23.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.74.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203639030 CET1.1.1.1192.168.2.40xb64No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203705072 CET1.1.1.1192.168.2.40x921cNo error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.203705072 CET1.1.1.1192.168.2.40x921cNo error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com172.217.18.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com216.58.212.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com172.217.23.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211215019 CET1.1.1.1192.168.2.40x607No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211374044 CET1.1.1.1192.168.2.40x251bNo error (0)star-mini.c10r.facebook.com157.240.252.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.211420059 CET1.1.1.1192.168.2.40x6f66No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.218427896 CET1.1.1.1192.168.2.40xd8b4No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.218427896 CET1.1.1.1192.168.2.40xd8b4No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.218427896 CET1.1.1.1192.168.2.40xd8b4No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.218427896 CET1.1.1.1192.168.2.40xd8b4No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.221061945 CET1.1.1.1192.168.2.40xff16No error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.222373009 CET1.1.1.1192.168.2.40x4650No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.227744102 CET1.1.1.1192.168.2.40x2195No error (0)www.reddit.comdualstack.reddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.227744102 CET1.1.1.1192.168.2.40x2195No error (0)dualstack.reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.227744102 CET1.1.1.1192.168.2.40x2195No error (0)dualstack.reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.227744102 CET1.1.1.1192.168.2.40x2195No error (0)dualstack.reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.227744102 CET1.1.1.1192.168.2.40x2195No error (0)dualstack.reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.230031967 CET1.1.1.1192.168.2.40x6ce5No error (0)twitter.com162.159.140.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.236687899 CET1.1.1.1192.168.2.40xeadcNo error (0)dualstack.reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.236687899 CET1.1.1.1192.168.2.40xeadcNo error (0)dualstack.reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.236687899 CET1.1.1.1192.168.2.40xeadcNo error (0)dualstack.reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.236687899 CET1.1.1.1192.168.2.40xeadcNo error (0)dualstack.reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.238399982 CET1.1.1.1192.168.2.40xab36No error (0)twitter.com162.159.140.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.246114016 CET1.1.1.1192.168.2.40x59deNo error (0)dualstack.reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.246114016 CET1.1.1.1192.168.2.40x59deNo error (0)dualstack.reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.246114016 CET1.1.1.1192.168.2.40x59deNo error (0)dualstack.reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.246114016 CET1.1.1.1192.168.2.40x59deNo error (0)dualstack.reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.224044085 CET1.1.1.1192.168.2.40x2845No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.224044085 CET1.1.1.1192.168.2.40x2845No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.249838114 CET1.1.1.1192.168.2.40xe56bNo error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.249838114 CET1.1.1.1192.168.2.40xe56bNo error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.249838114 CET1.1.1.1192.168.2.40xe56bNo error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.249838114 CET1.1.1.1192.168.2.40xe56bNo error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.259133101 CET1.1.1.1192.168.2.40xe2a0No error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.259133101 CET1.1.1.1192.168.2.40xe2a0No error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.259133101 CET1.1.1.1192.168.2.40xe2a0No error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.259133101 CET1.1.1.1192.168.2.40xe2a0No error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.267169952 CET1.1.1.1192.168.2.40x6042No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.267169952 CET1.1.1.1192.168.2.40x6042No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.267169952 CET1.1.1.1192.168.2.40x6042No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.267169952 CET1.1.1.1192.168.2.40x6042No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.307038069 CET1.1.1.1192.168.2.40x6a5eNo error (0)normandy.cdn.mozilla.netnormandy.tombstone.experimenter.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.307038069 CET1.1.1.1192.168.2.40x6a5eNo error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.322279930 CET1.1.1.1192.168.2.40x41ddNo error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.693337917 CET1.1.1.1192.168.2.40x71ddNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.693337917 CET1.1.1.1192.168.2.40x71ddNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.693337917 CET1.1.1.1192.168.2.40x71ddNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.216984987 CET1.1.1.1192.168.2.40x5edaNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.219562054 CET1.1.1.1192.168.2.40x61bdNo error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.219562054 CET1.1.1.1192.168.2.40x61bdNo error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.219562054 CET1.1.1.1192.168.2.40x61bdNo error (0)a17.rackcdn.com.mdc.edgesuite.neta19.dscg10.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.219562054 CET1.1.1.1192.168.2.40x61bdNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.219562054 CET1.1.1.1192.168.2.40x61bdNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.229676008 CET1.1.1.1192.168.2.40xb5edNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.229676008 CET1.1.1.1192.168.2.40xb5edNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.239198923 CET1.1.1.1192.168.2.40xe7c1No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.239198923 CET1.1.1.1192.168.2.40xe7c1No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.088967085 CET1.1.1.1192.168.2.40x8c71No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.088967085 CET1.1.1.1192.168.2.40x8c71No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.088967085 CET1.1.1.1192.168.2.40x8c71No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:02.640446901 CET1.1.1.1192.168.2.40xf2a9No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:09.817353010 CET1.1.1.1192.168.2.40x7dc7No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.128576040 CET1.1.1.1192.168.2.40xf625No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.618506908 CET1.1.1.1192.168.2.40xd0b9No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                    HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                                                    • detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    • ciscobinary.openh264.org

                                                                                                                                                                                                                                                                                                                                                    HTTP Packets

                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    0192.168.2.44972834.107.221.82807948C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.473130941 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:13.938925982 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 37465
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    1192.168.2.44973434.107.221.82807948C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:14.773475885 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.239082098 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11006
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success


                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    2192.168.2.44973934.107.221.82807948C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:15.569282055 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.017286062 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21766
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.118568897 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.214576960 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21767
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.579169989 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.674240112 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21771
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:24.963778019 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.059079885 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21776
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.643035889 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.738163948 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21777
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.139514923 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:27.235057116 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21778
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.875572920 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:29.152475119 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21779
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.093070984 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.189301014 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21783
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.686104059 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.781267881 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21791
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.801645041 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.896862984 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21791
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.209227085 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.304426908 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21792
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.630747080 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.730087996 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21793
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.079976082 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.175879002 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21796
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:55.177021980 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.108836889 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.210932016 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21814
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.301561117 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.396697998 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21821
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:20.406141996 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:30.432104111 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:40.444732904 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.609534025 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.704746008 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                    Age: 21854
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:53.713778973 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:03.727372885 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:


                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    3192.168.2.44974134.107.221.82807948C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.128680944 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache


                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    4192.168.2.44974234.107.221.82807948C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.444243908 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:16.889838934 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11007
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:20.985647917 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:21.080219984 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11012
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.183356047 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:25.277976036 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11016
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.780675888 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:26.875488997 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11017
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.766611099 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:28.862658024 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11019
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:30.132561922 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:30.232989073 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11021
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.192814112 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:32.287770987 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11023
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.794653893 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.889949083 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11031
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.899904013 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:40.996387005 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11031
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.308202982 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.403007984 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11032
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.733211040 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:42.829135895 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11033
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.179317951 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:45.274313927 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11036
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:55.277173042 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.214492083 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:03.309071064 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11054
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.400125980 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:10.495630026 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11061
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:20.506297112 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:30.516782999 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:40.529386997 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.708511114 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:43.804124117 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 09:33:49 GMT
                                                                                                                                                                                                                                                                                                                                                    Age: 11094
                                                                                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:38:53.813644886 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:39:03.827620983 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                    Data Ascii:


                                                                                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                    5192.168.2.4497702.22.61.59807948C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.225203037 CET305OUTGET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                    Host: ciscobinary.openh264.org
                                                                                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.841662884 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                    Content-Length: 453023
                                                                                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                    Last-Modified: Wed, 12 Mar 2025 04:19:28 GMT
                                                                                                                                                                                                                                                                                                                                                    ETag: 85430baed3398695717b0263807cf97c
                                                                                                                                                                                                                                                                                                                                                    X-Timestamp: 1741753167.65917
                                                                                                                                                                                                                                                                                                                                                    Content-Type: application/zip
                                                                                                                                                                                                                                                                                                                                                    X-Trans-Id: tx8010bf916ad24497ab4a8-0067d34aa4dfw1
                                                                                                                                                                                                                                                                                                                                                    Cache-Control: public, max-age=117347
                                                                                                                                                                                                                                                                                                                                                    Expires: Sun, 16 Mar 2025 21:13:28 GMT
                                                                                                                                                                                                                                                                                                                                                    Date: Sat, 15 Mar 2025 12:37:41 GMT
                                                                                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                    Data Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`q'+h*m{zo_{w$($A!|LB&A2s{DdcUU9uSKl`/d-|&9wnxi#O+Yl+,33f\cSSS,NGGF'&:'KZ&>@gMM`*ZR^jgGKbo~va<Z1.#OeDXi$imBWQ&P,M,:c-\*-iKI4a6*Ov=WFCH>a'x#@fdu1OV1o}g5_3JHiZipM.bZ%GF/3qJo%gN*})3N%!q*^Im~6#~+AI]rx*<IYjp0`SM@Ef=;!@EE 0nJdduM-qIlRz=}rDXLZx$|c1cUkM&Qn]a]th*!6 7JdDvKJ"Wgd*%nwJniinmr@M$'Zs#)%
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.841684103 CET1236INData Raw: bd c1 52 73 bd a7 3a 09 68 e9 f5 eb 80 14 52 9c 01 ad ef 5c 1f 81 74 b2 36 16 12 27 91 67 cc 95 dc 09 0f a4 8b f3 f0 8f 55 6a 2b 46 bd 63 72 3a 7c 07 a7 21 9f 8a 4b e1 57 c6 59 13 b3 a0 31 37 a6 b8 aa ad b8 02 2c f5 8a b6 e2 72 f1 b1 8a e5 ad c5
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: Rs:hR\t6'gUj+Fcr:|!KWY17,r>N3RY_\IrDNJdM k&V-z%-Di&672T)>0%&;`Zc,)T;jI~yRr&=V4C|-h(*dIUkq9[d
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.841702938 CET448INData Raw: 76 05 c4 dc 61 8a ee 89 36 03 dd 1b 08 cd 40 d9 ea 04 bd 6e 44 fc 07 c7 c5 f9 37 23 49 13 20 6b 79 26 c2 ef b5 cf c4 f9 36 c0 ee 95 21 56 4f bf 34 ab 1d 51 ac fe f7 81 91 58 5d 54 d5 5a 44 59 dd bb 12 e9 2b 02 56 4f 8f 9f b8 ad c8 db ba c2 58 de
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: va6@nD7#I ky&6!VO4QX]TZDY+VOXrm!m%R4Re"*2Xohu}G9gVP8ghhlW4CUR7wv$Y`X%k|h``\"^w\>(y':@V6
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.843241930 CET1236INData Raw: 65 e2 0d ce 32 21 19 aa db 2d d7 98 d0 d6 7e 3b ca d6 1a a8 31 35 44 db da 9b c0 63 78 25 ec 31 3c a4 ce da e1 9a 60 76 3f 50 67 39 d5 2d 33 f9 3b a3 fc 87 b9 21 0f 42 0a 7b 10 2a 72 31 84 fc a6 4b 22 af ce f4 a7 46 a3 4a 8d 41 85 e3 2f c5 74 2b
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: e2!-~;15Dcx%1<`v?Pg9-3;!B{*r1K"FJA/t+j72~coyFG1lARYJoiwDJ+ujuDHYl(deTeIzG`TNjhb[NjHT$S.v*Rh(5;|3ph{v::
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.843255997 CET1236INData Raw: 7f b5 c6 f8 af a3 3f bd 4a fe eb 73 89 97 f6 df 2a 13 43 f4 c5 5a 8a 72 8e 77 c1 3a 1f dd fd 44 dd e9 b4 48 8c b5 02 56 b1 09 ab 0c 8d f3 4b 9d f2 23 12 67 7a 2a cf 29 2f 31 01 cd d9 52 38 38 29 cf b4 3a 15 97 c5 86 fb 02 67 3e 87 79 53 9e 67 6e
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: ?Js*CZrw:DHVK#gz*)/1R88):g>ySgnX-P16E)XA!^8>9"Z[Q&%>+xFz^XCWr_-j&(CFSHy+IOJ}Oqc$FZz+a yj$j'8+e
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.843267918 CET448INData Raw: 62 59 a1 3a 30 da 1f c7 46 38 f7 c6 ae b7 e7 c5 9f 5d a8 36 5f d5 9d 87 6c ad 47 1b 46 c6 e7 3b 33 98 32 52 3c 2a 7c ff bd 41 4d 6d c3 e7 1d cc 76 b2 cb 49 da 24 b2 93 ee 1d dc b1 15 a7 08 df 1f 0f a0 b9 ab d2 f6 0e 3e 2d d7 34 b2 0c b5 d2 2c 92
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: bY:0F8]6_lGF;32R<*|AMmvI$>-4,*kx@<w LP#a=5;byI bIj+pB1\X*%]"^\no%S<ov|2z_gOg/n}{6{ED$Y'1ZHBF
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.845782042 CET1236INData Raw: 5d a9 21 56 d8 03 7a ff 68 27 e9 2b 01 43 fe 1e e8 be 9d f4 df af a4 af 13 dc ab df cd 66 6a 36 39 14 e3 bb 20 48 d9 0e 79 f5 bb 79 0e 79 ce bb b6 9c b3 95 1b e4 82 cd c8 cf 42 b6 60 1d f8 84 06 59 ff aa db f3 05 d1 49 f2 2a 83 54 a1 df cc b6 48
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: ]!Vzh'+Cfj69 HyyyB`YI*THl3*X)uugr#p<I0}UhQAg4o|B%[XG!\(r7KGfKWj4n&(\Lrb>/rsj|~j
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.845793962 CET1236INData Raw: 0e 58 3d bd ec 65 3b 48 7b e8 78 63 24 de 92 1d 7e be 44 d6 a9 15 9b d7 6d ab c2 5d 24 ae 6e 3d fc 6d e8 52 b2 92 dd db 75 a2 fc a2 0b f7 d0 f2 df 71 99 c9 52 3c d7 9b 78 ff 2c b4 b8 6a 9c cf f7 c4 1f 92 19 f2 5f 58 45 4e 02 55 af 5e a0 41 71 cd
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: X=e;H{xc$~Dm]$n=mRuqR<x,j_XENU^Aq+95d>wszk*nfoj{>#_D]}$gzm"b]{5>I? aT=t*_sPQFM{_>6!kF&9U5D
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.845803976 CET448INData Raw: 8e 80 f1 d6 7f 38 46 eb 3f 1c 23 ff 8f c5 d8 58 38 5e ff 5a c1 75 dc f3 45 f8 0e 91 4d 9e 26 d6 b0 8e 91 b8 7f 6f e3 dc b9 f8 7a 11 3a 17 65 de e0 6e 61 b5 ee 2c 6c 8a cc 0d 47 e8 dc f0 f5 04 cb 7d 84 8d e9 d1 3f 18 23 41 f5 49 58 9d e6 3d a2 a3
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: 8F?#X8^ZuEM&oz:ena,lG}?#AIX=)lWhn)U1o+dw~`#z=W,3&7`kG)EdnjT3sTF?/0'^kuQD=8d^[Q*WdHhP7
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.848464966 CET1236INData Raw: 99 ab a9 73 7e 10 21 b3 7f 3f 98 f2 0a 83 52 f4 85 bb f5 bc aa 6a d7 51 ff 65 c7 5c 50 b5 82 5a 91 f4 f0 81 9a 55 64 d0 ef fc ca 7e cc f3 73 23 7e 8c 48 1d 19 ee c5 3a 8d db 47 a8 2d e9 db 05 d9 82 0d 5c dd 12 50 df 82 cf b9 ba 47 f0 9a c5 d5 cd
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: s~!?RjQe\PZUd~s#~H:G-\PGk_H?ff)\{ZL$Ney?u2,qe|+WJx@W9h.k,s)]d{ q{;bl@,S/(^z1
                                                                                                                                                                                                                                                                                                                                                    Mar 15, 2025 13:37:41.849025011 CET1236INData Raw: 54 88 af 6b 46 21 96 c5 bc 17 f8 0b 33 f5 a2 5c 8c f3 a5 7a 0f eb 92 0f 50 32 86 fd 65 5b 30 c8 b2 e7 30 e0 fb 80 1a be 7d a4 46 35 7c d3 69 08 ed 2b a1 bc e9 40 0c 46 75 4f b0 5b 0d 12 e4 5d 29 77 a0 15 ab 42 4b 58 cd 29 e9 2f 53 ed 53 3b ff 20
                                                                                                                                                                                                                                                                                                                                                    Data Ascii: TkF!3\zP2e[00}F5|i+@FuO[])wBKX)/SS; <NEfql]M.dRro7/tk>)0(k"?1!cY[D8w5U:1|hEfwS"'<^`c7


                                                                                                                                                                                                                                                                                                                                                    Statistics

                                                                                                                                                                                                                                                                                                                                                    CPU Usage

                                                                                                                                                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                                                                                                                                                    Memory Usage

                                                                                                                                                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                                                                                                                                                    High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                                    Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                                    Behavior

                                                                                                                                                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                                                                                                                                                    System Behavior

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:0
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:03
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Users\user\Desktop\random.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Users\user\Desktop\random.exe"
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x730000
                                                                                                                                                                                                                                                                                                                                                    File size:966'144 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:7B263841E989D2A9F7D156E74CB36E6F
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:1
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:04
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x8b0000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:2
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:04
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff62fc20000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:3
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:06
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x8b0000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:4
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:06
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff62fc20000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:5
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:06
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x8b0000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:6
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:06
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff62fc20000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:7
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:06
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x8b0000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:8
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:06
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff62fc20000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:9
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:07
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                    Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x8b0000
                                                                                                                                                                                                                                                                                                                                                    File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:10
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:07
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff62fc20000
                                                                                                                                                                                                                                                                                                                                                    File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:11
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:07
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff76aab0000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:12
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:07
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff76aab0000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:13
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:07
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff76aab0000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:14
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:08
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2248 -prefMapHandle 2240 -prefsLen 25359 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {40ce1d3d-1a10-4789-8b4b-bfd0ef91fb48} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 2461056e710 socket
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff76aab0000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:16
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:11
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3880 -parentBuildID 20230927232528 -prefsHandle 2908 -prefMapHandle 3868 -prefsLen 26374 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {961c2d05-76e8-4603-b7ab-31c7502fe9a7} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 2462254f810 rdd
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff76aab0000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:22
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:19
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5384 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1544 -prefMapHandle 2680 -prefsLen 33185 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {279e2cff-c7d4-4a7e-b94b-d843fff9af51} 7948 "\\.\pipe\gecko-crash-server-pipe.7948" 246216e6d10 utility
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff76aab0000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:24
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:25
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff76aab0000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                                                                                                    Target ID:25
                                                                                                                                                                                                                                                                                                                                                    Start time:08:37:25
                                                                                                                                                                                                                                                                                                                                                    Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
                                                                                                                                                                                                                                                                                                                                                    Imagebase:0x7ff76aab0000
                                                                                                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                                                                                                    Disassembly

                                                                                                                                                                                                                                                                                                                                                    Reset < >