Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
random.exe

Overview

General Information

Sample name:random.exe
Analysis ID:1639372
MD5:7b263841e989d2a9f7d156e74cb36e6f
SHA1:daf7c46fc057c7e3dc266faacf89652cc1cf9720
SHA256:6457881894861cb853a08b65e3b63b2916f317ce6730338f0508cf84f5f930e8
Tags:CredentialFlusherexeuser-aachum
Infos:

Detection

Credential Flusher
Score:76
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Credential Flusher
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Joe Sandbox ML detected suspicious sample
Connects to many different domains
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected non-DNS traffic on DNS port
Detected potential crypto function
Drops PE files
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Process Tree

  • System is w10x64
  • random.exe (PID: 2116 cmdline: "C:\Users\user\Desktop\random.exe" MD5: 7B263841E989D2A9F7D156E74CB36E6F)
    • taskkill.exe (PID: 6644 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6668 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 1064 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 5596 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 6836 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6992 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 6024 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6012 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 6812 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 520 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 6644 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 6548 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 6668 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7208 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2244 -prefMapHandle 2232 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b56de95-3d03-447b-aebc-420301f26c63} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234c096dd10 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7876 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2996 -parentBuildID 20230927232528 -prefsHandle 4160 -prefMapHandle 4184 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e94fe24-f142-4e80-9844-43b6caeb734a} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d2e95810 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7432 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5028 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1560 -prefMapHandle 5020 -prefsLen 33076 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f2f0818-bfdf-4269-8b0b-5d127bd07733} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d9b5dd10 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 7916 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 680 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: random.exe PID: 2116JoeSecurity_CredentialFlusherYara detected Credential FlusherJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: random.exeAvira: detected
    Multi AV Scanner detection for submitted file
    Source: random.exeVirustotal: Detection: 33%Perma Link
    Source: random.exeReversingLabs: Detection: 36%
    Joe Sandbox ML detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.3% probability
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49706 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:49710 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:49713 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49719 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:49726 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:49727 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49733 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.129.91:443 -> 192.168.2.6:49735 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:49734 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49738 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49740 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49739 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:49741 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55963 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55960 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55962 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55964 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55961 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55965 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55966 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55967 version: TLS 1.2
    Source: Binary string: shlwapi.pdbP4 source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: UxTheme.pdb source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wininet.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: UMPDC.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB37000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdbGCTL source: firefox.exe, 0000000F.00000003.1425355913.00000234CE3A1000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: userenv.pdbtype source: firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winsta.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: bcrypt.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rpcrt4.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: userenv.pdbINTEGER source: firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ktmw32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425137223.00000234CE39B000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425355913.00000234CE3A1000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: WscApi.pdb source: firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1424231333.00000234CE39B000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: msvcrt.pdb source: firefox.exe, 0000000F.00000003.1416463148.00000234D8D9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xul.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shcore.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mozglue.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winnsi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000F.00000003.1412133010.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: freebl3.pdb^/.*/registration/.*$ source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shell32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sspicli.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntmarta.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: CLBCatQ.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: urlmon.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000F.00000003.1424231333.00000234CE39B000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dnsapi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shlwapi.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nlaapi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000F.00000003.1423045217.00000234CE39C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: winhttp.pdb source: firefox.exe, 0000000F.00000003.1412133010.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msimg32.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000F.00000003.1412766028.00000234DC83F000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: win32u.pdb source: firefox.exe, 0000000F.00000003.1416140026.00000234D8DBE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: devobj.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d3d11.pdb source: firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000F.00000003.1423045217.00000234CE39C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dwmapi.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: firefox.pdb source: firefox.exe, 0000000F.00000003.1395581311.00000234D8C2B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dbghelp.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: srvcli.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: imm32.pdb source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: freebl3.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: profapi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: gdi32.pdb source: firefox.exe, 0000000F.00000003.1416140026.00000234D8DBE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ws2_32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: avrt.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1412766028.00000234DC83F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: combase.pdbP4 source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: WLDP.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wininet.pdbP4 source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mswsock.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sechost.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nsi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: propsys.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.15.dr
    Source: Binary string: winmm.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdbP4 source: firefox.exe, 0000000F.00000003.1412133010.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winrnr.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msctf.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ole32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: version.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402709971.00000234D90CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D90C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dbgcore.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: user32.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: twinapi.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msasn1.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.15.dr
    Source: Binary string: psapi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: UxTheme.pdbpreview_image_url source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: DWrite.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: combase.pdb source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntdll.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdbUGP source: firefox.exe, 0000000F.00000003.1425137223.00000234CE39B000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dxgi.pdb source: firefox.exe, 0000000F.00000003.1389101182.00000234D9BE4000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nss3.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000F.00000003.1412766028.00000234DC83F000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shell32.pdbdns_failed_lookup_time source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wsock32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: crypt32.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0097DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0094C2A2 FindFirstFileExW,0_2_0094C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009868EE FindFirstFileW,FindClose,0_2_009868EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0098698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0097D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0097D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00989642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00989642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0098979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00989B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00989B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00985C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00985C97
    Source: firefox.exeMemory has grown: Private usage: 1MB later: 220MB
    Source: unknownNetwork traffic detected: DNS query count 33
    Source: global trafficTCP traffic: 192.168.2.6:55954 -> 1.1.1.1:53
    Source: Joe Sandbox ViewIP Address: 2.22.61.56 2.22.61.56
    Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
    Source: Joe Sandbox ViewIP Address: 151.101.129.91 151.101.129.91
    Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098CE44 InternetReadFile,SetEvent,GetLastError,SetEvent,0_2_0098CE44
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKContent-Length: 453023Accept-Ranges: bytesLast-Modified: Wed, 12 Mar 2025 04:19:28 GMTETag: 85430baed3398695717b0263807cf97cX-Timestamp: 1741753167.65917Content-Type: application/zipX-Trans-Id: tx8010bf916ad24497ab4a8-0067d34aa4dfw1Cache-Control: public, max-age=116995Expires: Sun, 16 Mar 2025 21:15:01 GMTDate: Sat, 15 Mar 2025 12:45:06 GMTConnection: keep-aliveData Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 8e 6f 7e 76 61 a8 ac 9f b9 d9 3c 5a 97 c6 31 2e 23 c3 8c 4f a0 65 19 99 a3 19 c6 44 93 eb 58 fc 8b 69 1d c3 24 69 6d 42 57 c6 c3 51 26 be ba c1 04 b7 cb d9 50 a3 d0 e5 c2 bc 9a 2c 4d e4 98 2c a8 bd 3a 89 63 ac d1 cc 2d e5 98 0d 12 5c 9f e5 98 ce 1b e1 fa 2a c7 d4 01 8a ce 2d 69 cc 9c 4b 8c 49 f6 d6 34 86 61 a3 0a 36 18 99 2a dd c5 eb 4f 76 3d b6 d2 05 57 cb d3 46 b5 43 48 bb 3e b6 8e 99 61 ca 27 af 78 f4 11 d7 23 40 66 8d 8e c2 64 d6 c1 75 a5 31 a6 9e 0d fe 4f 56 ab 31 6f 7d 1b 09 84 0e 67 c2 35 90 16 5f cf 33 b9 4a ad 48 69 04 5a 99 69 70 4d e7 2e 84 b7 62 b9 5a 11 86 81 f9 25 dc 47 94 8b 46 aa f7 d8 d2 e5 15 0c e5 11 f2 8a d2 f2 f8 05 f5 0a 2f ce 89 ff 33 ff 71 9b d9 4a af c7 d0 f2 b6 f6 6f de 03 b3 25 f7 67 d9 4e d2 2a 91 7d 12 d9 29 c9 33 0d 4e 25 f1 21 b7 91 71 2a a9 0b e0 e2 eb b8 8b 81 b4 f1 5e 49 9e 6d 90 c8 7e 07 09 f8 36 dd 85 23 e9 7e 2b fb c1 87 17 85 41 d1 7f 12 49 5d 72 03 c7 e4 78 b4 e2 b9 2a 82 3c 49 59 6a c9 96 da ec cc 70 30 18 8c 60 53 ae 4d 40 14 45 f7 8f 66 ea 3d ae 3b 21 cf 40 1e b0 f8 be 0d 45 c4 bb 05 45 bb be a3 fa 9e ad 1b 20 e1 9b 9c 30 1a 6e da 03 12 f1 4a 64 c8 b7 1c 64 d2 7f fd d6 06 bc 75 4d ec 2d 94 71 49 c6 6c 52 8e 07 7a 9a 07 3d 7d a8 a5 72 83 44 e6 58 4c 5a a7 ac 92 f2 78 b6 24 97 04 7c 63 a1 31 d2 63 55 6b 4d e6 26 d6 51 6e 5d ac fe 61 5d 74 fd 68 fa a1 2a d4 b4 21 b9 36 20 37 80 e4 4a 64 af 44 76 4b 4a 22 57 67 64 2a 25 6e 99 07 d2 bf 77 ab e9 f6 4a 6e 69 fb 69 6e 6d 72 9b 40 4d 85 24 27 5a c7 73 8c 04 ec 18 23 29 25 Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1Host: ciscobinary.openh264.orgUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: firefox.exe, 0000000F.00000003.1313491678.00000234DAAC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1315604653.00000234D1B75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1319339914.00000234D1B76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1376524409.000011402AA03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/*Z equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1376524409.000011402AA03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: -*://www.facebook.com/*Z equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1371937383.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1433928694.00000234DC592000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1432454125.00000234DCC34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385808910.00000234DCC34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1370733341.00000234DCC34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.youtube.com/* equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1337169173.00000234D9B65000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1298266850.00000234D1DA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/pD equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1337169173.00000234D9B65000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1298266850.00000234D1DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1371937383.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1389101182.00000234D9BFE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1432454125.00000234DCC34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385808910.00000234DCC34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1370733341.00000234DCC34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1337169173.00000234D9B65000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1298266850.00000234D1DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1337169173.00000234D9B65000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1298266850.00000234D1DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 00000011.00000002.3052053964.00000231C660A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA90C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 00000011.00000002.3052053964.00000231C660A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA90C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 00000011.00000002.3052053964.00000231C660A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA90C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 00000017.00000002.3052152779.0000026ADA90C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/& equals www.facebook.com (Facebook)
    Source: firefox.exe, 00000017.00000002.3052152779.0000026ADA90C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/& equals www.twitter.com (Twitter)
    Source: firefox.exe, 00000017.00000002.3052152779.0000026ADA90C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/& equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1371937383.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1389101182.00000234D9BFE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1432454125.00000234DCC34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385808910.00000234DCC34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1370733341.00000234DCC34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com- equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1422406789.00000234CE35B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.youtube.comLMEM h equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1422406789.00000234CE35B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.youtube.comx equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1389101182.00000234D9B9D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336842108.00000234D9B9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
    Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
    Source: global trafficDNS traffic detected: DNS query: youtube.com
    Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: example.org
    Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
    Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
    Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: shavar.prod.mozaws.net
    Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: support.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: us-west1.prod.sumo.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: www.youtube.com
    Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
    Source: global trafficDNS traffic detected: DNS query: www.facebook.com
    Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
    Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
    Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
    Source: global trafficDNS traffic detected: DNS query: www.reddit.com
    Source: global trafficDNS traffic detected: DNS query: twitter.com
    Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
    Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: normandy.tombstone.experimenter.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: a19.dscg10.akamai.net
    Source: firefox.exe, 0000000F.00000003.1408621551.00000234D3477000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1297762605.00000234D3477000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
    Source: firefox.exe, 0000000F.00000003.1402834162.00000234D90C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D90C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.0/
    Source: firefox.exe, 0000000F.00000003.1402834162.00000234D90C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D90C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
    Source: firefox.exe, 0000000F.00000003.1402834162.00000234D90C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D90C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
    Source: firefox.exe, 0000000F.00000003.1402834162.00000234D90C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D90C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
    Source: firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
    Source: firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
    Source: firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
    Source: firefox.exe, 0000000F.00000003.1371357174.00000234DCB83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1398346357.00000234DCBF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1387508796.00000234DABA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1287706788.00000234D2FE5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400587931.00000234DABA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
    Source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
    Source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListenerFailed
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListenerThe
    Source: firefox.exe, 0000001A.00000003.1409420475.0000013FFC0A8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1414048567.0000013FFC0A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/common
    Source: firefox.exe, 0000001A.00000002.1418853881.0000013FFC062000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/dates-and-times
    Source: firefox.exe, 0000001A.00000003.1409420475.0000013FFC0A8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1414048567.0000013FFC0A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/math
    Source: firefox.exe, 0000001A.00000002.1418853881.0000013FFC062000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/regular-expressions
    Source: firefox.exe, 0000001A.00000003.1409420475.0000013FFC0A8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1414048567.0000013FFC0A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/sets
    Source: firefox.exe, 0000001A.00000002.1416271081.0000013FF080A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/strings
    Source: firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-04/schema#
    Source: firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-06/schema#
    Source: firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#-
    Source: firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
    Source: firefox.exe, 0000000F.00000003.1376524409.000011402AA03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/
    Source: firefox.exe, 0000000F.00000003.1376524409.000011402AA03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/0
    Source: firefox.exe, 0000000F.00000003.1396009914.00000234D8C0B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1395581311.00000234D8C3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1362401533.00000234D1BF0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1378223006.00000234D9773000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283243135.00000234DA7EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1312336605.00000234D1BDA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1352715421.00000234D23D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1345181556.00000234DA043000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321045802.00000234D1BD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1375301104.00000234D0675000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426632886.00000234D07D2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393779764.00000234D8D3A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1417115267.00000234D8C3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438036128.00000234D2E91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436106562.00000234D972C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1314804308.00000234D1CC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1311993383.00000234DAA51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1314804308.00000234D1CC3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1287706788.00000234D2FD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1364500898.00000234DAA53000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1255326672.00000234D0EA6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
    Source: firefox.exe, 0000000F.00000003.1376524409.000011402AA03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/Z
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ocsp.digicert.com0C
    Source: firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ocsp.digicert.com0N
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ocsp.thawte.com0
    Source: firefox.exe, 0000000F.00000003.1336190673.00000234DC573000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371937383.00000234DC573000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0
    Source: firefox.exe, 0000000F.00000003.1297306367.00000234D8CC5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0.
    Source: firefox.exe, 0000000F.00000003.1336190673.00000234DC573000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1297306367.00000234D8CC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371937383.00000234DC573000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
    Source: firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://www.mozilla.com0
    Source: firefox.exe, 0000000F.00000003.1405788801.00000234D4224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-updatex
    Source: firefox.exe, 0000000F.00000003.1402834162.00000234D90C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D90C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2006/browser/search/
    Source: firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1421525490.00000234D2F66000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
    Source: mozilla-temp-41.15.drString found in binary or memory: http://www.videolan.org/x264.html
    Source: firefox.exe, 0000000F.00000003.1336190673.00000234DC573000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1297306367.00000234D8CC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371937383.00000234DC573000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
    Source: firefox.exe, 0000000F.00000003.1336190673.00000234DC573000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1297306367.00000234D8CC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371937383.00000234DC573000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
    Source: firefox.exe, 0000000F.00000003.1296856748.00000234D907D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://youtube.com/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
    Source: firefox.exe, 0000000F.00000003.1249964577.00000234CE546000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249695624.00000234D0900000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249833729.00000234CE524000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
    Source: firefox.exe, 0000000F.00000003.1370058516.00000234DCCD3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1401306890.00000234DCCD3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/&
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
    Source: firefox.exe, 0000000F.00000003.1286325161.00000234D3477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-users/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
    Source: firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/enhancer-for-youtube/
    Source: firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/
    Source: firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/
    Source: firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/to-google-translate/
    Source: firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/wikipedia-context-menu-search/
    Source: firefox.exe, 0000000F.00000003.1389101182.00000234D9B9D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336842108.00000234D9B9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
    Source: firefox.exe, 0000000F.00000003.1296856748.00000234D907D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
    Source: firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/a8bxj8j?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
    Source: firefox.exe, 0000000F.00000003.1419685840.00000234D3612000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
    Source: firefox.exe, 0000000F.00000003.1371357174.00000234DCB83000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
    Source: firefox.exe, 0000000F.00000003.1411716799.00000234DCB1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393492178.00000234D8DEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1408621551.00000234D3477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
    Source: firefox.exe, 00000010.00000002.3052386250.0000018C7C0B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66EB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3054959128.0000026ADAB03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189.
    Source: firefox.exe, 00000010.00000002.3052386250.0000018C7C0B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66EB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3054959128.0000026ADAB03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696484494400800000.1&ci=1696484494189.12791&cta
    Source: firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1170143
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1320069648.00000234D1C28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1320069648.00000234D1C28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1193802
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1317984128.00000234D1BB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321045802.00000234D1BB7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1320069648.00000234D1C28000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1315604653.00000234D1B75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1319339914.00000234D1B76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1315604653.00000234D1B75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1319339914.00000234D1B76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1320069648.00000234D1C28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1317984128.00000234D1BB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321045802.00000234D1BB7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1320069648.00000234D1C28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448
    Source: firefox.exe, 0000000F.00000003.1378223006.00000234D9773000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1365642412.00000234D9773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1694699#c21
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1320069648.00000234D1C28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=792480
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=793869
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1315604653.00000234D1B75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1319339914.00000234D1B76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
    Source: firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1317984128.00000234D1BB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321045802.00000234D1BB7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1315604653.00000234D1B75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1319339914.00000234D1B76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=840161
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
    Source: firefox.exe, 0000000F.00000003.1249964577.00000234CE546000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249695624.00000234D0900000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249833729.00000234CE524000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
    Source: firefox.exe, 0000000F.00000003.1420867905.00000234D2FD1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
    Source: firefox.exe, 00000010.00000002.3052386250.0000018C7C0B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66EB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3054959128.0000026ADAB03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
    Source: firefox.exe, 00000010.00000002.3052386250.0000018C7C0B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66EB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3054959128.0000026ADAB03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
    Source: firefox.exe, 0000000F.00000003.1416402934.00000234D8DAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
    Source: firefox.exe, 0000000F.00000003.1403996748.00000234D8B99000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
    Source: firefox.exe, 0000000F.00000003.1400199782.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336190673.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1313491678.00000234DAAC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1315604653.00000234D1B75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1433807999.00000234DC5A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1319339914.00000234D1B76000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371937383.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321482438.00000234D1B7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC1AE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabPlease
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureOffscreenCanvas.toBlob()
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureRequest
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC1A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureWebExtensionUncheckedLastErr
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarning
    Source: firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarningElem
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureInstallTrigger.install()
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#EncryptionPreventDefaultFromP
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryptiondocument.requestSto
    Source: firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnored
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingTrying
    Source: firefox.exe, 0000000F.00000003.1346496513.00000234D239F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
    Source: firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC1A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/SelectOptionsLengthAssignmentW
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/initMouseEvent()
    Source: firefox.exe, 0000000F.00000003.1397258678.00000234D8A8A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C6612000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA913000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
    Source: firefox.exe, 0000000F.00000003.1288596886.00000234D12FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/673d2808-e5d8-41b9-957
    Source: firefox.exe, 0000000F.00000003.1291768599.00000234D142D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1290203356.00000234D142C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
    Source: firefox.exe, 0000000F.00000003.1291527555.00000234D44B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/f0f51715-7f5e-48de-839
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
    Source: firefox.exe, 0000001A.00000002.1417723661.0000013FF2240000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/performance/scroll-linked_effects.html
    Source: firefox.exe, 0000000F.00000003.1370484876.00000234DCC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
    Source: firefox.exe, 0000000F.00000003.1411716799.00000234DCB1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/
    Source: firefox.exe, 0000000F.00000003.1400587931.00000234DABA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
    Source: firefox.exe, 0000000F.00000003.1397258678.00000234D8A8A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C6612000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA913000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA9C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
    Source: firefox.exe, 0000000F.00000003.1438036128.00000234D2E91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA9C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1405788801.00000234D4224000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C662F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA930000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
    Source: firefox.exe, 0000000F.00000003.1438036128.00000234D2E91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA9C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
    Source: firefox.exe, 0000000F.00000003.1438036128.00000234D2E91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA9C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1DA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/cfworker
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
    Source: firefox.exe, 0000000F.00000003.1283243135.00000234DA7EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1282372629.00000234DA7F3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1351199118.00000234DA7B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1353182025.00000234DA7B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1359927188.00000234DA7EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
    Source: firefox.exe, 0000000F.00000003.1283243135.00000234DA7EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1282372629.00000234DA7F3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1351199118.00000234DA7B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1353182025.00000234DA7B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1359927188.00000234DA7EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
    Source: firefox.exe, 0000000F.00000003.1249964577.00000234CE546000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249695624.00000234D0900000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249833729.00000234CE524000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
    Source: firefox.exe, 0000000F.00000003.1398283782.00000234DCC4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1370629568.00000234DCC4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
    Source: firefox.exe, 0000000F.00000003.1376524409.000011402AA03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321482438.00000234D1B7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411261980.00000234DCB51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
    Source: firefox.exe, 0000000F.00000003.1388595612.00000234D9FA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336755245.00000234D9FA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402603719.00000234D9FAE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411261980.00000234DCB51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411261980.00000234DCB51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411261980.00000234DCB51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411261980.00000234DCB51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
    Source: prefs-1.js.15.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
    Source: firefox.exe, 0000000F.00000003.1405556817.00000234D4579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
    Source: firefox.exe, 00000017.00000002.3052152779.0000026ADA9F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
    Source: firefox.exe, 0000000F.00000003.1411716799.00000234DCB1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336190673.00000234DC56B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/events/1/881caecb-771c-48a9-b388-64660
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
    Source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D907D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D907C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema
    Source: firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema.
    Source: firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema./
    Source: firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/
    Source: firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/=
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
    Source: firefox.exe, 0000000F.00000003.1397258678.00000234D8A8A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1417973850.00000234D8A95000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
    Source: firefox.exe, 0000000F.00000003.1397258678.00000234D8A8A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1417973850.00000234D8A95000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
    Source: firefox.exe, 0000000F.00000003.1400199782.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336190673.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1313491678.00000234DAAC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1315604653.00000234D1B75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1433807999.00000234DC5A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1319339914.00000234D1B76000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371937383.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321482438.00000234D1B7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
    Source: firefox.exe, 00000011.00000002.3052053964.00000231C6686000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA98E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
    Source: firefox.exe, 0000000F.00000003.1371357174.00000234DCBAB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386349633.00000234DCBAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com
    Source: firefox.exe, 0000000F.00000003.1371663242.00000234DC86F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com/
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
    Source: firefox.exe, 0000000F.00000003.1391349238.00000234D9B55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1337262000.00000234D9B41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2&
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
    Source: firefox.exe, 0000000F.00000003.1391349238.00000234D9B55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1337262000.00000234D9B41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=AIzaSyC7jsptDS
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
    Source: firefox.exe, 0000000F.00000003.1391349238.00000234D9B55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1337262000.00000234D9B41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=AIzaSy
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
    Source: firefox.exe, 0000000F.00000003.1249833729.00000234CE524000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
    Source: firefox.exe, 0000000F.00000003.1346496513.00000234D239F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
    Source: firefox.exe, 0000000F.00000003.1393492178.00000234D8DE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
    Source: firefox.exe, 0000000F.00000003.1395581311.00000234D8C47000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C6612000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA913000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
    Source: firefox.exe, 0000000F.00000003.1395581311.00000234D8C47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1405167034.00000234D45B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA9F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
    Source: firefox.exe, 00000017.00000002.3052152779.0000026ADA9F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user2
    Source: places.sqlite-wal.15.drString found in binary or memory: https://support.mozilla.org
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-user-removal
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
    Source: firefox.exe, 0000000F.00000003.1291527555.00000234D44B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-def
    Source: firefox.exe, 0000000F.00000003.1291527555.00000234D44B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=spotlight
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
    Source: firefox.exe, 0000000F.00000003.1287110412.00000234D30C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437123557.00000234D30C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1387508796.00000234DABA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400587931.00000234DABA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1420728001.00000234D30C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
    Source: firefox.exe, 0000000F.00000003.1336796866.00000234D9FA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/firefox-relay-integration
    Source: firefox.exe, 0000000F.00000003.1371937383.00000234DC5BE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1414400246.00000234D9FDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336190673.00000234DC5BE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC5BE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1413291554.00000234DC5CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336695366.00000234D9FDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393492178.00000234D8DEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC5BE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
    Source: places.sqlite-wal.15.drString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaPlatformDecoderNotFound
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D11000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaWMFNeeded
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsThe
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsUse
    Source: firefox.exe, 0000000F.00000003.1350949667.00000234D35AF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
    Source: firefox.exe, 0000000F.00000003.1407629641.00000234D36CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
    Source: places.sqlite-wal.15.drString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
    Source: firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
    Source: firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
    Source: firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
    Source: firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
    Source: firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
    Source: firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
    Source: firefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
    Source: firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
    Source: firefox.exe, 00000010.00000002.3052386250.0000018C7C0B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66EB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3054959128.0000026ADAB03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_86277c656a4bd7d619968160e91c45fd066919bb3bd119b3
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D8B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1366271560.00000234D97B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.de/
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.fr/
    Source: firefox.exe, 0000000F.00000003.1385020170.00000234CE373000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1385161927.00000234CE359000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: https://www.digicert.com/CPS0
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.de/
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D8B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B95000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
    Source: firefox.exe, 0000000F.00000003.1284701839.00000234D8FE3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1282787580.00000234D8F97000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1DA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
    Source: firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
    Source: firefox.exe, 0000000F.00000003.1402834162.00000234D90BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1396711809.00000234D8B19000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.15.drString found in binary or memory: https://www.mozilla.org
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
    Source: firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
    Source: places.sqlite-wal.15.drString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.
    Source: firefox.exe, 0000000F.00000003.1291768599.00000234D142D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1290203356.00000234D142C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
    Source: firefox.exe, 0000000F.00000003.1412016630.00000234DC897000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/anything/?
    Source: places.sqlite-wal.15.drString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.
    Source: firefox.exe, 0000000F.00000003.1336796866.00000234D9FA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/about/legal/terms/subscription-services/1
    Source: firefox.exe, 0000000F.00000003.1336796866.00000234D9FA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/subscription-services/
    Source: firefox.exe, 0000000F.00000003.1414647668.00000234D9B83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1337169173.00000234D9B80000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1390406547.00000234D9B80000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.15.drString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
    Source: firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-mod
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
    Source: firefox.exe, 00000011.00000002.3052053964.00000231C66C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA9F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
    Source: firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
    Source: firefox.exe, 00000017.00000002.3052152779.0000026ADA9F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/Z
    Source: firefox.exe, 0000000F.00000003.1396711809.00000234D8B2F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.olx.pl/
    Source: firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
    Source: firefox.exe, 00000010.00000002.3052386250.0000018C7C0B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66EB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3054959128.0000026ADAB03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_
    Source: firefox.exe, 0000000F.00000003.1376524409.000011402AA03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1433928694.00000234DC592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336190673.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
    Source: firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
    Source: firefox.exe, 00000017.00000002.3052152779.0000026ADA90C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: firefox.exe, 0000000F.00000003.1435149968.00000234D8D1A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
    Source: firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warningThe
    Source: firefox.exe, 0000000F.00000003.1400923557.00000234D8A6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com
    Source: firefox.exe, 0000000F.00000003.1405105468.00000234D45F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1286325161.00000234D3444000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1405556817.00000234D4579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/
    Source: recovery.jsonlz4.tmp.15.drString found in binary or memory: https://youtube.com/account?=
    Source: firefox.exe, 00000017.00000002.3051788728.0000026ADA8A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://ac
    Source: firefox.exe, 00000011.00000002.3050147731.00000231C6420000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://acb
    Source: firefox.exe, 00000017.00000002.3049740616.0000026ADA57A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.googlV
    Source: firefox.exe, 00000017.00000002.3049740616.0000026ADA57A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3051788728.0000026ADA8A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000D.00000002.1232819506.00000270B26F7000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1244877278.000002573D3D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd--no-default-browser
    Source: firefox.exe, 00000017.00000002.3049740616.0000026ADA570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdJ
    Source: firefox.exe, 00000010.00000002.3050299277.0000018C7BCE0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051414398.0000018C7BD94000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3050895071.00000231C6440000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3050147731.00000231C6424000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3049740616.0000026ADA570000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3051788728.0000026ADA8A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_RE
    Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
    Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
    Source: unknownNetwork traffic detected: HTTP traffic on port 55961 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
    Source: unknownNetwork traffic detected: HTTP traffic on port 55959 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55965 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
    Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
    Source: unknownNetwork traffic detected: HTTP traffic on port 55964 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55959
    Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55969 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
    Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
    Source: unknownNetwork traffic detected: HTTP traffic on port 55963 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
    Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55969
    Source: unknownNetwork traffic detected: HTTP traffic on port 55967 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55964
    Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55965
    Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55966
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55967
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55960
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55961
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55962
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55963
    Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55970
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
    Source: unknownNetwork traffic detected: HTTP traffic on port 55960 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
    Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
    Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55962 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55966 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 55970 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
    Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49706 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:49710 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:49713 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49719 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:49726 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:49727 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49733 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.129.91:443 -> 192.168.2.6:49735 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:49734 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49738 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49740 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:49739 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:49741 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55963 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55960 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55962 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55964 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55961 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55965 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55966 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:55967 version: TLS 1.2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0098EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098ED6A OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,0_2_0098ED6A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0098EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097AA57 GetKeyboardState,SetKeyboardState,PostMessageW,SendInput,0_2_0097AA57
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009A9576 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,0_2_009A9576

    System Summary

    barindex
    Binary is likely a compiled AutoIt script file
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.
    Source: random.exe, 00000000.00000000.1191196198.00000000009D2000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_02ba0b70-3
    Source: random.exe, 00000000.00000000.1191196198.00000000009D2000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_5ec73dd3-4
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.memstr_ce3dac0c-1
    Source: random.exeString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_5d609efb-0
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_00000231C64F54B7 NtQuerySystemInformation,17_2_00000231C64F54B7
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_00000231C6C77CB2 NtQuerySystemInformation,17_2_00000231C6C77CB2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097D5EB: CreateFileW,DeviceIoControl,CloseHandle,0_2_0097D5EB
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00971201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00971201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097E8F6 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,0_2_0097E8F6
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009820460_2_00982046
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009180600_2_00918060
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009782980_2_00978298
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0094E4FF0_2_0094E4FF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0094676B0_2_0094676B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009A48730_2_009A4873
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0093CAA00_2_0093CAA0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0091CAF00_2_0091CAF0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0092CC390_2_0092CC39
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00946DD90_2_00946DD9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009191C00_2_009191C0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0092B1190_2_0092B119
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009313940_2_00931394
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009317060_2_00931706
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0093781B0_2_0093781B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009319B00_2_009319B0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009179200_2_00917920
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0092997D0_2_0092997D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00937A4A0_2_00937A4A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00937CA70_2_00937CA7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00931C770_2_00931C77
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00949EEE0_2_00949EEE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0099BE440_2_0099BE44
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00931F320_2_00931F32
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_00000231C64F54B717_2_00000231C64F54B7
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_00000231C6C77CB217_2_00000231C6C77CB2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_00000231C6C77CF217_2_00000231C6C77CF2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_00000231C6C783DC17_2_00000231C6C783DC
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00919CB3 appears 31 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 0092F9F2 appears 40 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00930A30 appears 46 times
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: classification engineClassification label: mal76.troj.evad.winEXE@37/43@74/14
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009837B5 GetLastError,FormatMessageW,0_2_009837B5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009710BF AdjustTokenPrivileges,CloseHandle,0_2_009710BF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009716C3 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,0_2_009716C3
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009851CD SetErrorMode,GetDiskFreeSpaceExW,SetErrorMode,0_2_009851CD
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097D4DC CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,0_2_0097D4DC
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098648E _wcslen,CoInitialize,CoCreateInstance,CoUninitialize,0_2_0098648E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009142A2 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,0_2_009142A2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246Jump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6668:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:520:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5596:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6992:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6012:120:WilError_03
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
    Source: random.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
    Source: C:\Users\user\Desktop\random.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
    Source: firefox.exe, 0000000F.00000003.1370733341.00000234DCC1F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
    Source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411031858.00000234DCB67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
    Source: random.exeVirustotal: Detection: 33%
    Source: random.exeReversingLabs: Detection: 36%
    Source: unknownProcess created: C:\Users\user\Desktop\random.exe "C:\Users\user\Desktop\random.exe"
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2244 -prefMapHandle 2232 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b56de95-3d03-447b-aebc-420301f26c63} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234c096dd10 socket
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2996 -parentBuildID 20230927232528 -prefsHandle 4160 -prefMapHandle 4184 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e94fe24-f142-4e80-9844-43b6caeb734a} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d2e95810 rdd
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5028 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1560 -prefMapHandle 5020 -prefsLen 33076 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f2f0818-bfdf-4269-8b0b-5d127bd07733} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d9b5dd10 utility
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2244 -prefMapHandle 2232 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b56de95-3d03-447b-aebc-420301f26c63} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234c096dd10 socketJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2996 -parentBuildID 20230927232528 -prefsHandle 4160 -prefMapHandle 4184 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e94fe24-f142-4e80-9844-43b6caeb734a} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d2e95810 rddJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5028 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1560 -prefMapHandle 5020 -prefsLen 33076 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f2f0818-bfdf-4269-8b0b-5d127bd07733} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d9b5dd10 utilityJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdateJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wsock32.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: version.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wininet.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile written: C:\Users\user\AppData\Roaming\Mozilla\Firefox\installs.ini
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: Binary string: shlwapi.pdbP4 source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: UxTheme.pdb source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wininet.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: UMPDC.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000F.00000003.1386563249.00000234DCB37000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdbGCTL source: firefox.exe, 0000000F.00000003.1425355913.00000234CE3A1000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: userenv.pdbtype source: firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winsta.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: bcrypt.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rpcrt4.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: userenv.pdbINTEGER source: firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ktmw32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425137223.00000234CE39B000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425355913.00000234CE3A1000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: WscApi.pdb source: firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1424231333.00000234CE39B000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: msvcrt.pdb source: firefox.exe, 0000000F.00000003.1416463148.00000234D8D9F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xul.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shcore.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mozglue.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winnsi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000F.00000003.1412133010.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: freebl3.pdb^/.*/registration/.*$ source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shell32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sspicli.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntmarta.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: CLBCatQ.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: urlmon.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000F.00000003.1424231333.00000234CE39B000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dnsapi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shlwapi.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nlaapi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000F.00000003.1423045217.00000234CE39C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: winhttp.pdb source: firefox.exe, 0000000F.00000003.1412133010.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msimg32.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000F.00000003.1412766028.00000234DC83F000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: win32u.pdb source: firefox.exe, 0000000F.00000003.1416140026.00000234D8DBE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: devobj.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d3d11.pdb source: firefox.exe, 0000000F.00000003.1386642287.00000234DC579000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1400199782.00000234DC579000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000F.00000003.1423045217.00000234CE39C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dwmapi.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: firefox.pdb source: firefox.exe, 0000000F.00000003.1395581311.00000234D8C2B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dbghelp.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: srvcli.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: imm32.pdb source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: freebl3.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: profapi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: gdi32.pdb source: firefox.exe, 0000000F.00000003.1416140026.00000234D8DBE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ws2_32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: avrt.pdb source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1412766028.00000234DC83F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: combase.pdbP4 source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: WLDP.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wininet.pdbP4 source: firefox.exe, 0000000F.00000003.1400199782.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC58B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mswsock.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sechost.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nsi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: propsys.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.15.dr
    Source: Binary string: winmm.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdbP4 source: firefox.exe, 0000000F.00000003.1412133010.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winrnr.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msctf.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ole32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: version.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402709971.00000234D90CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D90C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dbgcore.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: user32.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416275261.00000234D8DB9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: twinapi.pdb source: firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msasn1.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.15.dr
    Source: Binary string: psapi.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: UxTheme.pdbpreview_image_url source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: DWrite.pdb source: firefox.exe, 0000000F.00000003.1392337074.00000234D9B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1391237736.00000234D9B6B000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: combase.pdb source: firefox.exe, 0000000F.00000003.1415900173.00000234D9028000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntdll.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdbUGP source: firefox.exe, 0000000F.00000003.1425137223.00000234CE39B000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dxgi.pdb source: firefox.exe, 0000000F.00000003.1389101182.00000234D9BE4000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nss3.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000F.00000003.1412766028.00000234DC83F000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shell32.pdbdns_failed_lookup_time source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wsock32.pdb source: firefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415511181.00000234D908C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: crypt32.pdb source: firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009142DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_009142DE
    Source: gmpopenh264.dll.tmp.15.drStatic PE information: section name: .rodata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00930A76 push ecx; ret 0_2_00930A89
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)Jump to dropped file
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpJump to dropped file
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0092F98E GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,0_2_0092F98E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009A1C41 IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,0_2_009A1C41
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

    Malware Analysis System Evasion

    barindex
    Found API chain indicative of sandbox detection
    Source: C:\Users\user\Desktop\random.exeSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_0-96769
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_00000231C64F54B7 rdtsc 17_2_00000231C64F54B7
    Source: C:\Users\user\Desktop\random.exeAPI coverage: 3.8 %
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0097DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0094C2A2 FindFirstFileExW,0_2_0094C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009868EE FindFirstFileW,FindClose,0_2_009868EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0098698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0097D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0097D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00989642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00989642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0098979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00989B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00989B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00985C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00985C97
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009142DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_009142DE
    Source: firefox.exe, 00000010.00000002.3050299277.0000018C7BCEA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0
    Source: firefox.exe, 0000001A.00000002.1417229061.0000013FF20BB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW4
    Source: random.exe, 00000000.00000003.1273663096.0000000000FE1000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.1273020505.0000000000FDF000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.1272552390.0000000000FD4000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.1272816411.0000000000FDC000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.1274427476.0000000000FE4000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000002.1275788924.0000000000FE8000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3055654020.0000018C7C200000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3054996283.00000231C6B60000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3050895071.00000231C644A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3049740616.0000026ADA57A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3054747048.0000026ADAA00000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: firefox.exe, 0000001A.00000002.1417229061.0000013FF20DC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll&
    Source: firefox.exe, 00000010.00000002.3054790255.0000018C7C116000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
    Source: firefox.exe, 00000010.00000002.3055654020.0000018C7C200000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll";
    Source: firefox.exe, 0000001A.00000002.1417229061.0000013FF20A0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0{
    Source: firefox.exe, 00000011.00000002.3054996283.00000231C6B60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll(J9
    Source: firefox.exe, 00000010.00000002.3055654020.0000018C7C200000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3054996283.00000231C6B60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: C:\Users\user\Desktop\random.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_00000231C64F54B7 rdtsc 17_2_00000231C64F54B7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0098EAA2 BlockInput,0_2_0098EAA2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00942622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00942622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009142DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_009142DE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00934CE8 mov eax, dword ptr fs:[00000030h]0_2_00934CE8
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00970B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00970B62
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00942622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00942622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0093083F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_0093083F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009309D5 SetUnhandledExceptionFilter,0_2_009309D5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00930C21 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00930C21
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00971201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00971201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00952BA5 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,0_2_00952BA5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0097B226 SendInput,keybd_event,0_2_0097B226
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009922DA GetForegroundWindow,GetDesktopWindow,GetWindowRect,mouse_event,GetCursorPos,mouse_event,0_2_009922DA
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "c:\program files\mozilla firefox\firefox.exe" -contentproc --channel=2304 -parentbuildid 20230927232528 -prefshandle 2244 -prefmaphandle 2232 -prefslen 25250 -prefmapsize 238690 -win32klockeddown -appdir "c:\program files\mozilla firefox\browser" - {5b56de95-3d03-447b-aebc-420301f26c63} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234c096dd10 socket
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "c:\program files\mozilla firefox\firefox.exe" -contentproc --channel=2996 -parentbuildid 20230927232528 -prefshandle 4160 -prefmaphandle 4184 -prefslen 26265 -prefmapsize 238690 -appdir "c:\program files\mozilla firefox\browser" - {9e94fe24-f142-4e80-9844-43b6caeb734a} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d2e95810 rdd
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "c:\program files\mozilla firefox\firefox.exe" -contentproc --channel=5028 -parentbuildid 20230927232528 -sandboxingkind 0 -prefshandle 1560 -prefmaphandle 5020 -prefslen 33076 -prefmapsize 238690 -win32klockeddown -appdir "c:\program files\mozilla firefox\browser" - {1f2f0818-bfdf-4269-8b0b-5d127bd07733} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d9b5dd10 utility
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "c:\program files\mozilla firefox\firefox.exe" --moz_log sync,prependheader,timestamp,append,maxsize:1,dump:5 --moz_log_file c:\programdata\mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046b0af4a39cb\backgroundupdate.moz_log --backgroundtask backgroundupdate
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00970B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00970B62
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00971663 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,0_2_00971663
    Source: random.exeBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
    Source: random.exeBinary or memory string: Shell_TrayWnd
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00930698 cpuid 0_2_00930698
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0096D21C GetLocalTime,0_2_0096D21C
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0096D27A GetUserNameW,0_2_0096D27A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0094B952 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_0094B952
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_009142DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_009142DE

    Stealing of Sensitive Information

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 2116, type: MEMORYSTR
    Source: random.exeBinary or memory string: WIN_81
    Source: random.exeBinary or memory string: WIN_XP
    Source: random.exeBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
    Source: random.exeBinary or memory string: WIN_XPe
    Source: random.exeBinary or memory string: WIN_VISTA
    Source: random.exeBinary or memory string: WIN_7
    Source: random.exeBinary or memory string: WIN_8

    Remote Access Functionality

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 2116, type: MEMORYSTR
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00991204 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,0_2_00991204
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00991806 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,0_2_00991806

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire Infrastructure2
    Valid Accounts    		1
    Windows Management Instrumentation    		1
    DLL Side-Loading    		1
    Exploitation for Privilege Escalation    		2
    Disable or Modify Tools    		21
    Input Capture    		2
    System Time Discovery    		Remote Services1
    Archive Collected Data    		3
    Ingress Tool Transfer    		Exfiltration Over Other Network Medium1
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts1
    Native API    		2
    Valid Accounts    		1
    DLL Side-Loading    		1
    Deobfuscate/Decode Files or Information    		LSASS Memory1
    Account Discovery    		Remote Desktop Protocol21
    Input Capture    		12
    Encrypted Channel    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain Accounts1
    Command and Scripting Interpreter    		Logon Script (Windows)1
    Extra Window Memory Injection    		2
    Obfuscated Files or Information    		Security Account Manager3
    File and Directory Discovery    		SMB/Windows Admin Shares3
    Clipboard Data    		3
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
    Valid Accounts    		1
    DLL Side-Loading    		NTDS16
    System Information Discovery    		Distributed Component Object ModelInput Capture4
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script21
    Access Token Manipulation    		1
    Extra Window Memory Injection    		LSA Secrets131
    Security Software Discovery    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts2
    Process Injection    		1
    Masquerading    		Cached Domain Credentials1
    Virtualization/Sandbox Evasion    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items2
    Valid Accounts    		DCSync3
    Process Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
    Virtualization/Sandbox Evasion    		Proc Filesystem1
    Application Window Discovery    		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
    Access Token Manipulation    		/etc/passwd and /etc/shadow1
    System Owner/User Discovery    		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
    IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron2
    Process Injection    		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1639372 Sample: random.exe Startdate: 15/03/2025 Architecture: WINDOWS Score: 76 49 youtube.com 2->49 51 youtube-ui.l.google.com 2->51 53 38 other IPs or domains 2->53 61 Antivirus / Scanner detection for submitted sample 2->61 63 Multi AV Scanner detection for submitted file 2->63 65 Yara detected Credential Flusher 2->65 67 2 other signatures 2->67 8 random.exe 2->8         started        11 firefox.exe 1 2->11         started        13 firefox.exe 1 2->13         started        signatures3 process4 signatures5 69 Binary is likely a compiled AutoIt script file 8->69 71 Found API chain indicative of sandbox detection 8->71 15 taskkill.exe 1 8->15         started        17 taskkill.exe 1 8->17         started        19 taskkill.exe 1 8->19         started        27 3 other processes 8->27 21 firefox.exe 3 223 11->21         started        25 firefox.exe 13->25         started        process6 dnsIp7 29 conhost.exe 15->29         started        31 conhost.exe 17->31         started        33 conhost.exe 19->33         started        55 shavar.prod.mozaws.net 35.83.47.198, 443, 49717 MERIT-AS-14US United States 21->55 57 youtube.com 172.217.18.14, 443, 49700, 49702 GOOGLEUS United States 21->57 59 12 other IPs or domains 21->59 45 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32+ 21->45 dropped 47 C:\Users\user\...\gmpopenh264.dll (copy), PE32+ 21->47 dropped 35 firefox.exe 1 21->35         started        37 firefox.exe 1 21->37         started        39 firefox.exe 1 21->39         started        41 conhost.exe 27->41         started        43 conhost.exe 27->43         started        file8 process9

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    random.exe34%VirustotalBrowse
    random.exe36%ReversingLabsWin32.Trojan.Generic
    random.exe100%AviraTR/ATRAPS.Gen

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%ReversingLabs

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    http://exslt.org/sets0%Avira URL Cloudsafe
    http://www.mozilla.com00%Avira URL Cloudsafe
    https://tracking-protection-issues.herokuapp.com/new0%Avira URL Cloudsafe
    http://exslt.org/dates-and-times0%Avira URL Cloudsafe
    https://identity.mozilla.com/ids/ecosystem_telemetryU0%Avira URL Cloudsafe
    https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-1520%Avira URL Cloudsafe
    http://a9.com/-/spec/opensearch/1.0/0%Avira URL Cloudsafe
    http://exslt.org/strings0%Avira URL Cloudsafe
    https://xhr.spec.whatwg.org/#sync-warning0%Avira URL Cloudsafe
    https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f0%Avira URL Cloudsafe
    https://identity.mozilla.com/apps/relay0%Avira URL Cloudsafe
    https://coverage.mozilla.org0%Avira URL Cloudsafe
    https://screenshots.firefox.com/0%Avira URL Cloudsafe
    https://blocked.cdn.mozilla.net/0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    example.org
    		96.7.128.186
    		truefalse
      		high
      star-mini.c10r.facebook.com
      		157.240.251.35
      		truefalse
        		high
        prod.classify-client.prod.webservices.mozgcp.net
        		35.190.72.216
        		truefalse
          		high
          prod.balrog.prod.cloudops.mozgcp.net
          		35.244.181.201
          		truefalse
            		high
            twitter.com
            		162.159.140.229
            		truefalse
              		high
              prod.detectportal.prod.cloudops.mozgcp.net
              		34.107.221.82
              		truefalse
                		high
                shavar.prod.mozaws.net
                		35.83.47.198
                		truefalse
                  		high
                  services.addons.mozilla.org
                  		151.101.129.91
                  		truefalse
                    		high
                    dyna.wikimedia.org
                    		185.15.59.224
                    		truefalse
                      		high
                      prod.remote-settings.prod.webservices.mozgcp.net
                      		34.149.100.209
                      		truefalse
                        		high
                        contile.services.mozilla.com
                        		34.117.188.166
                        		truefalse
                          		high
                          youtube.com
                          		172.217.18.14
                          		truefalse
                            		high
                            prod.content-signature-chains.prod.webservices.mozgcp.net
                            		34.160.144.191
                            		truefalse
                              		high
                              a19.dscg10.akamai.net
                              		2.22.61.56
                              		truefalse
                                		high
                                youtube-ui.l.google.com
                                		172.217.16.206
                                		truefalse
                                  		high
                                  us-west1.prod.sumo.prod.webservices.mozgcp.net
                                  		34.149.128.2
                                  		truefalse
                                    		high
                                    reddit.map.fastly.net
                                    		151.101.129.140
                                    		truefalse
                                      		high
                                      ipv4only.arpa
                                      		192.0.0.171
                                      		truefalse
                                        		high
                                        prod.ads.prod.webservices.mozgcp.net
                                        		34.117.188.166
                                        		truefalse
                                          		high
                                          push.services.mozilla.com
                                          		34.107.243.93
                                          		truefalse
                                            		high
                                            normandy.tombstone.experimenter.prod.webservices.mozgcp.net
                                            		34.49.51.44
                                            		truefalse
                                              		high
                                              telemetry-incoming.r53-2.services.mozilla.com
                                              		34.120.208.123
                                              		truefalse
                                                		high
                                                www.reddit.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  spocs.getpocket.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    content-signature-2.cdn.mozilla.net
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      support.mozilla.org
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        firefox.settings.services.mozilla.com
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          www.youtube.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            www.facebook.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              detectportal.firefox.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                normandy.cdn.mozilla.net
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  shavar.services.mozilla.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    www.wikipedia.org
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                        		high
                                                                        https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 0000000F.00000003.1438036128.00000234D2E91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1396711809.00000234D8B4C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA9C3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          http://detectportal.firefox.com/firefox.exe, 0000000F.00000003.1298266850.00000234D1D38000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                              		high
                                                                              https://datastudio.google.com/embed/reporting/firefox.exe, 0000000F.00000003.1400199782.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336190673.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1386642287.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1313491678.00000234DAAC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1315604653.00000234D1B75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1433807999.00000234DC5A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1319339914.00000234D1B76000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371937383.00000234DC5A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321482438.00000234D1B7C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                http://www.mozilla.com0gmpopenh264.dll.tmp.15.drfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecyclfirefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 00000011.00000002.3052053964.00000231C6686000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA98E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://json-schema.org/draft/2019-09/schema.firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://spocs.getpocket.com/user2firefox.exe, 00000017.00000002.3052152779.0000026ADA9F6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://spocs.getpocket.com/spocsfirefox.exe, 0000000F.00000003.1395581311.00000234D8C47000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://completion.amazon.com/search/complete?q=firefox.exe, 0000000F.00000003.1249964577.00000234CE546000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249695624.00000234D0900000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249833729.00000234CE524000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000000F.00000003.1389101182.00000234D9B9D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336842108.00000234D9B9D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000000F.00000003.1386563249.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371357174.00000234DCB4D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411261980.00000234DCB51000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://monitor.firefox.com/breach-details/firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 0000000F.00000003.1435149968.00000234D8D1A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        • Avira URL Cloud: safe
                                                                                                        		unknown
                                                                                                        https://extensionworkshop.com/documentation/publish/self-distribution/initMouseEvent()firefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000000F.00000003.1298266850.00000234D1D8B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1366271560.00000234D97B2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://www.msn.comfirefox.exe, 0000000F.00000003.1396711809.00000234D8B2F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              http://mozilla.org/0firefox.exe, 0000000F.00000003.1376524409.000011402AA03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000F.00000003.1249964577.00000234CE546000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249695624.00000234D0900000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1249833729.00000234CE524000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureRequestfirefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-deffirefox.exe, 0000000F.00000003.1291527555.00000234D44B9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                        • Avira URL Cloud: safe
                                                                                                                        		unknown
                                                                                                                        http://exslt.org/setsfirefox.exe, 0000001A.00000003.1409420475.0000013FFC0A8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1414048567.0000013FFC0A9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        • Avira URL Cloud: safe
                                                                                                                        		unknown
                                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://youtube.com/firefox.exe, 0000000F.00000003.1405105468.00000234D45F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1286325161.00000234D3444000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1405556817.00000234D4579000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://json-schema.org/draft/2020-12/schema/=firefox.exe, 0000000F.00000003.1392752663.00000234D9061000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D906B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402834162.00000234D9061000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://youtube.com/account?=https://acfirefox.exe, 00000017.00000002.3051788728.0000026ADA8A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=htfirefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://api.accounts.firefox.com/v1firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      http://exslt.org/commonfirefox.exe, 0000001A.00000003.1409420475.0000013FFC0A8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1414048567.0000013FFC0A9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYiprefs-1.js.15.drfalse
                                                                                                                                          		high
                                                                                                                                          https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsThefirefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://www.amazon.com/firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullScfirefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC1AE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    http://exslt.org/dates-and-timesfirefox.exe, 0000001A.00000002.1418853881.0000013FFC062000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                    		unknown
                                                                                                                                                    https://www.youtube.com/firefox.exe, 00000017.00000002.3052152779.0000026ADA90C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://bugzilla.mozilla.org/show_bug.cgi?id=1283601firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1320069648.00000234D1C28000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://addons.mozilla.org/firefox/addon/to-google-translate/firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 0000000F.00000003.1393590562.00000234D8D52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C66C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA9C3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              http://127.0.0.1:firefox.exe, 0000000F.00000003.1408621551.00000234D3477000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1297762605.00000234D3477000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://bugzilla.mozilla.org/show_bug.cgi?id=1266220firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1315604653.00000234D1B75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1319339914.00000234D1B76000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000000F.00000003.1346496513.00000234D239F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                  		unknown
                                                                                                                                                                  https://bugzilla.mofirefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://mitmdetection.services.mozilla.com/firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://youtube.com/account?=recovery.jsonlz4.tmp.15.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapturefirefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://spocs.getpocket.com/firefox.exe, 0000000F.00000003.1395581311.00000234D8C47000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3052053964.00000231C6612000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000017.00000002.3052152779.0000026ADA913000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://youtube.com/account?=https://accounts.googlVfirefox.exe, 00000017.00000002.3049740616.0000026ADA57A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://support.mozilla.org/products/firefoxgro.allizom.troppus.places.sqlite-wal.15.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    http://exslt.org/stringsfirefox.exe, 0000001A.00000002.1416271081.0000013FF080A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://accounts.firefox.com/&firefox.exe, 0000000F.00000003.1370058516.00000234DCCD3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1401306890.00000234DCCD3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://a9.com/-/spec/opensearch/1.0/firefox.exe, 0000000F.00000003.1402834162.00000234D90C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D90C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://monitor.firefox.com/user/dashboardfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://bugzilla.mozilla.org/show_bug.cgi?id=1170143firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://monitor.firefox.com/aboutfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      http://mozilla.org/MPL/2.0/.firefox.exe, 0000000F.00000003.1396009914.00000234D8C0B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1395581311.00000234D8C3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1362401533.00000234D1BF0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1378223006.00000234D9773000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283243135.00000234DA7EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1312336605.00000234D1BDA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1352715421.00000234D23D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1345181556.00000234DA043000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321045802.00000234D1BD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1375301104.00000234D0675000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426632886.00000234D07D2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1393779764.00000234D8D3A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1417115267.00000234D8C3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438036128.00000234D2E91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436106562.00000234D972C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1314804308.00000234D1CC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1311993383.00000234DAA51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1314804308.00000234D1CC3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1287706788.00000234D2FD9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1364500898.00000234DAA53000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1255326672.00000234D0EA6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        http://youtube.com/firefox.exe, 0000000F.00000003.1296856748.00000234D907D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://login.microsoftonline.comfirefox.exe, 0000000F.00000003.1397258678.00000234D8A8A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1417973850.00000234D8A95000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://coverage.mozilla.orgfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                            https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryptiondocument.requestStofirefox.exe, 0000001A.00000002.1418112740.0000013FFBEC0000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              http://crl.thawte.com/ThawteTimestampingCA.crl0gmpopenh264.dll.tmp.15.drfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/f0f51715-7f5e-48de-839firefox.exe, 0000000F.00000003.1291527555.00000234D44B9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  http://x1.c.lencr.org/0firefox.exe, 0000000F.00000003.1336190673.00000234DC573000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1297306367.00000234D8CC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371937383.00000234DC573000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    http://x1.i.lencr.org/0firefox.exe, 0000000F.00000003.1336190673.00000234DC573000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1297306367.00000234D8CC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1371937383.00000234DC573000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      http://a9.com/-/spec/opensearch/1.1/firefox.exe, 0000000F.00000003.1402834162.00000234D90C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D90C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D90C3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://infra.spec.whatwg.org/#ascii-whitespacefirefox.exe, 0000000F.00000003.1431609773.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380416004.00000234D8E16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1283298990.00000234D8E23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436928115.00000234D8E1F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://blocked.cdn.mozilla.net/firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                                          https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnoredfirefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://json-schema.org/draft/2019-09/schemafirefox.exe, 0000000F.00000003.1402834162.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1296856748.00000234D907D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1392752663.00000234D907C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1415592283.00000234D907C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              http://developer.mozilla.org/en/docs/DOM:element.addEventListenerfirefox.exe, 0000000F.00000003.1435149968.00000234D8D1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001A.00000003.1404894733.0000013FFC192000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                https://profiler.firefox.comfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://bugzilla.mozilla.org/show_bug.cgi?id=793869firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://identity.mozilla.com/apps/relayfirefox.exe, 0000000F.00000003.1388595612.00000234D9FA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1336755245.00000234D9FA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1402603719.00000234D9FAE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                                    https://mozilla.cloudflare-dns.com/dns-queryfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2firefox.exe, 0000000F.00000003.1407629641.00000234D36CE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://bugzilla.mozilla.org/show_bug.cgi?id=1678448firefox.exe, 0000000F.00000003.1317186923.00000234D1C16000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1317984128.00000234D1BB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1321045802.00000234D1BB7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1320069648.00000234D1C28000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/firefox.exe, 0000000F.00000003.1371663242.00000234DC87B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1411953505.00000234DC8C6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://contile.services.mozilla.com/v1/tilesfirefox.exe, 0000000F.00000003.1403996748.00000234D8B99000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/firefox.exe, 0000000F.00000003.1400587931.00000234DABA3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://monitor.firefox.com/user/preferencesfirefox.exe, 00000010.00000002.3051852350.0000018C7BDC0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3051246066.00000231C6480000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000017.00000002.3051534482.0000026ADA800000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  https://screenshots.firefox.com/firefox.exe, 0000000F.00000003.1249833729.00000234CE524000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                                                                                  		unknown

                                                                                                                                                                                                                                                  World Map of Contacted IPs

                                                                                                                                                                                                                                                  • No. of IPs < 25%
                                                                                                                                                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                  • 75% < No. of IPs

                                                                                                                                                                                                                                                  Public IPs

                                                                                                                                                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                  172.217.18.14
                                                                                                                                                                                                                                                  		youtube.comUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  2.22.61.56
                                                                                                                                                                                                                                                  		a19.dscg10.akamai.netEuropean Union
                                                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                  34.149.100.209
                                                                                                                                                                                                                                                  		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                  151.101.129.91
                                                                                                                                                                                                                                                  		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                                                  		54113FASTLYUSfalse
                                                                                                                                                                                                                                                  34.107.243.93
                                                                                                                                                                                                                                                  		push.services.mozilla.comUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  34.107.221.82
                                                                                                                                                                                                                                                  		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  35.244.181.201
                                                                                                                                                                                                                                                  		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  34.49.51.44
                                                                                                                                                                                                                                                  		normandy.tombstone.experimenter.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                  34.117.188.166
                                                                                                                                                                                                                                                  		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                  		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                  35.83.47.198
                                                                                                                                                                                                                                                  		shavar.prod.mozaws.netUnited States
                                                                                                                                                                                                                                                  		237MERIT-AS-14USfalse
                                                                                                                                                                                                                                                  35.190.72.216
                                                                                                                                                                                                                                                  		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  34.160.144.191
                                                                                                                                                                                                                                                  		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                  34.120.208.123
                                                                                                                                                                                                                                                  		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                  Private

                                                                                                                                                                                                                                                  IP
                                                                                                                                                                                                                                                  127.0.0.1

                                                                                                                                                                                                                                                  General Information

                                                                                                                                                                                                                                                  Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                  Analysis ID:1639372
                                                                                                                                                                                                                                                  Start date and time:2025-03-15 13:43:35 +01:00
                                                                                                                                                                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                  Overall analysis duration:0h 7m 48s
                                                                                                                                                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                  Report type:full
                                                                                                                                                                                                                                                  Cookbook file name:default.jbs
                                                                                                                                                                                                                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                  Run name:Run with higher sleep bypass
                                                                                                                                                                                                                                                  Number of analysed new started processes analysed:30
                                                                                                                                                                                                                                                  Number of new started drivers analysed:0
                                                                                                                                                                                                                                                  Number of existing processes analysed:0
                                                                                                                                                                                                                                                  Number of existing drivers analysed:0
                                                                                                                                                                                                                                                  Number of injected processes analysed:0
                                                                                                                                                                                                                                                  Technologies:
                                                                                                                                                                                                                                                  • HCA enabled
                                                                                                                                                                                                                                                  • EGA enabled
                                                                                                                                                                                                                                                  • AMSI enabled
                                                                                                                                                                                                                                                  Analysis Mode:default
                                                                                                                                                                                                                                                  Analysis stop reason:Timeout
                                                                                                                                                                                                                                                  Sample name:random.exe
                                                                                                                                                                                                                                                  Detection:MAL
                                                                                                                                                                                                                                                  Classification:mal76.troj.evad.winEXE@37/43@74/14
                                                                                                                                                                                                                                                  EGA Information:
                                                                                                                                                                                                                                                  • Successful, ratio: 50%
                                                                                                                                                                                                                                                  HCA Information:
                                                                                                                                                                                                                                                  • Successful, ratio: 96%
                                                                                                                                                                                                                                                  • Number of executed functions: 50
                                                                                                                                                                                                                                                  • Number of non-executed functions: 292
                                                                                                                                                                                                                                                  Cookbook Comments:
                                                                                                                                                                                                                                                  • Found application associated with file extension: .exe
                                                                                                                                                                                                                                                  • Sleeps bigger than 100000000ms are automatically reduced to 1000ms
                                                                                                                                                                                                                                                  • Sleep loops longer than 100000000ms are bypassed. Single calls with delay of 100000000ms and higher are ignored

                                                                                                                                                                                                                                                  Warnings

                                                                                                                                                                                                                                                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                                                  • Excluded IPs from analysis (whitelisted): 142.250.65.174, 142.250.186.42, 142.250.185.202, 142.250.186.78, 142.250.74.206, 23.60.203.209, 172.202.163.200
                                                                                                                                                                                                                                                  • Excluded domains from analysis (whitelisted): fs.microsoft.com, ciscobinary.openh264.org, redirector.gvt1.com, slscr.update.microsoft.com, incoming.telemetry.mozilla.org, ctldl.windowsupdate.com, safebrowsing.googleapis.com, aus5.mozilla.org, location.services.mozilla.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                  • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                  • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                  Simulations

                                                                                                                                                                                                                                                  Behavior and APIs

                                                                                                                                                                                                                                                  No simulations

                                                                                                                                                                                                                                                  Joe Sandbox View / Context

                                                                                                                                                                                                                                                  IPs

                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                  2.22.61.56http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                  • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                  http://ciscobinary.openh264.org/openh264-win64-31c4d2e4a037526fd30d4e5c39f60885986cf865.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • ciscobinary.openh264.org/openh264-win64-31c4d2e4a037526fd30d4e5c39f60885986cf865.zip
                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                  • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                  • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                  • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                  • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                  • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                  34.149.100.209VirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                    https://flowto.it/eEoTA6vzsR?fc=0Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                      https://aws.orgserv.dnsnet.cloud.anondns.netGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                        http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                          http://mail.aestheticfina.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                            REMITTANCE DETAILS....xlsxGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                              Ahnenblatt4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                LDWin.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                    151.101.129.91https://auth.microsites.m-atelier.cz/redir?url=https://telegra.ph/Charlotte-Reeves-03-13&data=05%7C02%7Cteat@test.com%7Cf85134ec55e24fa0741708dd623d50ea%7C22def1f7e945453d836bda7282c42443%7C0%7C0%7C638774737677482831%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ==%7C0%7C%7C%7C&sdata=AFWlQKGCYsB3szoYr99UdtJsHEuv5b0KPmvHih+dvhk=&reserved=0Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      https://9b861c16-89be-495d-af06-94ec1b71b5cd-00-3shcaiuf2cafc.worf.replit.dev/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                        http://account.hrblock.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                          VirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                            http://www.creditsafe.com/us/en.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                              http://mail.aestheticfina.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                https://pixcams.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  http://uamotyevd.giftrend.click/index.php?search=4&d155157&gjzla=302-2094&lm=1652441IFAP403&sd=9&page=WrLaWzz2HzKyHSpGet hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                    https://docs.google.com/presentation/d/e/2PACX-1vSD3xRufJnO_BfDj9K5us0EOxJ5Ucd5eKFcymNDbUl3yssUv-r9zr-8ZT_7mbdEC2j7QbP4plEl8AAV/pub?start=false&loop=false&delayms=3000Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse

                                                                                                                                                                                                                                                                                        Domains

                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                        shavar.prod.mozaws.netVirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 52.35.142.224
                                                                                                                                                                                                                                                                                        am_no.batGet hashmaliciousAmadey, Credential Flusher, Healer AV Disabler, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                        • 44.229.113.109
                                                                                                                                                                                                                                                                                        5c9465cda4.exeGet hashmaliciousAmadey, GCleaner, LiteHTTP Bot, LummaC Stealer, Mint Stealer, PureLog Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                        • 44.231.118.238
                                                                                                                                                                                                                                                                                        http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 52.26.30.181
                                                                                                                                                                                                                                                                                        http://mail.aestheticfina.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 52.26.30.181
                                                                                                                                                                                                                                                                                        REMITTANCE DETAILS....xlsxGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                                                        • 52.26.30.181
                                                                                                                                                                                                                                                                                        F2024065877 (1).htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 35.165.160.211
                                                                                                                                                                                                                                                                                        https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 52.26.30.181
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                        • 44.231.111.180
                                                                                                                                                                                                                                                                                        example.orgVirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 23.215.0.132
                                                                                                                                                                                                                                                                                        AaxpYFDQ32.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                        • 96.7.128.192
                                                                                                                                                                                                                                                                                        am_no.batGet hashmaliciousAmadey, Credential Flusher, Healer AV Disabler, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                        • 23.215.0.132
                                                                                                                                                                                                                                                                                        LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                        • 96.7.128.186
                                                                                                                                                                                                                                                                                        5c9465cda4.exeGet hashmaliciousAmadey, GCleaner, LiteHTTP Bot, LummaC Stealer, Mint Stealer, PureLog Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                        • 96.7.128.186
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                        • 96.7.128.192
                                                                                                                                                                                                                                                                                        http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 96.7.128.192
                                                                                                                                                                                                                                                                                        http://mail.aestheticfina.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 96.7.128.192
                                                                                                                                                                                                                                                                                        REMITTANCE DETAILS....xlsxGet hashmaliciousHTMLPhisher, Invisible JSBrowse
                                                                                                                                                                                                                                                                                        • 23.215.0.133
                                                                                                                                                                                                                                                                                        star-mini.c10r.facebook.comhttps://sheingivesback.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 157.240.252.35
                                                                                                                                                                                                                                                                                        https://logon----app--ledgelive.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 157.240.0.35
                                                                                                                                                                                                                                                                                        https://auth-app---crypto-sso--web-ced-cdn.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 157.240.252.35
                                                                                                                                                                                                                                                                                        https://danse94.com/wp-content/upgrade/zoomvoicemail/chameleon/#rbaldridge@ah4r.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 157.240.253.35
                                                                                                                                                                                                                                                                                        https://toysforhottubs.com/4XFdob16160NKIj279hgkphiycps610KOHUGVLGONYFUDE3572627MVAO3008q14Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                        • 157.240.251.35
                                                                                                                                                                                                                                                                                        (No subject).emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 157.240.0.35
                                                                                                                                                                                                                                                                                        http://spfda.goelia1995.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 157.240.251.35
                                                                                                                                                                                                                                                                                        http://ads.pancing77e.live/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 157.240.0.35
                                                                                                                                                                                                                                                                                        https://app.storylane.io/share/3aoqhstphemlGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                                                                                                                                                                                                                                        • 157.240.251.35

                                                                                                                                                                                                                                                                                        ASNs

                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                        AKAMAI-ASN1EUrandom.exeGet hashmaliciousAmadey, LummaC Stealer, Stealc, XmrigBrowse
                                                                                                                                                                                                                                                                                        • 23.197.127.21
                                                                                                                                                                                                                                                                                        Our Order.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 2.16.100.168
                                                                                                                                                                                                                                                                                        https://sreqmcoommnunlty.com/pikus/kils/nuksGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 95.101.149.47
                                                                                                                                                                                                                                                                                        https://pub-e78c2744dccf4257afcf7fafe0f41927.r2.dev/cmail.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 2.16.164.104
                                                                                                                                                                                                                                                                                        https://sreqmcoommnunlty.com/bysre/tytik/polsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 95.101.149.47
                                                                                                                                                                                                                                                                                        Sweepingcorp00990__098.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 95.101.182.112
                                                                                                                                                                                                                                                                                        http://modepro.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 2.16.164.91
                                                                                                                                                                                                                                                                                        https://logon----app--ledgelive.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 95.101.182.42
                                                                                                                                                                                                                                                                                        https://auth-app---crypto-sso--web-ced-cdn.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 95.101.182.42
                                                                                                                                                                                                                                                                                        ATGS-MMD-ASUShgfs.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 57.178.176.39
                                                                                                                                                                                                                                                                                        hgfs.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 48.14.181.15
                                                                                                                                                                                                                                                                                        hgfs.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 57.20.69.136
                                                                                                                                                                                                                                                                                        hgfs.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 32.243.105.186
                                                                                                                                                                                                                                                                                        hgfs.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 32.90.140.16
                                                                                                                                                                                                                                                                                        KKveTTgaAAsecNNaaaa.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 48.221.53.121
                                                                                                                                                                                                                                                                                        KKveTTgaAAsecNNaaaa.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 57.224.176.176
                                                                                                                                                                                                                                                                                        KKveTTgaAAsecNNaaaa.i686.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 57.43.170.15
                                                                                                                                                                                                                                                                                        KKveTTgaAAsecNNaaaa.i486.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 51.0.20.250
                                                                                                                                                                                                                                                                                        FASTLYUSOrder.jsGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                        • 185.199.108.133
                                                                                                                                                                                                                                                                                        APC2_240708172813545null_847608629.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 199.232.214.172
                                                                                                                                                                                                                                                                                        P0-0994-12.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 199.232.210.172
                                                                                                                                                                                                                                                                                        https://sreqmcoommnunlty.com/pikus/kils/nuksGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 151.101.195.52
                                                                                                                                                                                                                                                                                        https://blackshadowh4ck3r.github.io/Facebook-loginGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 185.199.108.153
                                                                                                                                                                                                                                                                                        http://att-100338.square.site/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 151.101.1.46
                                                                                                                                                                                                                                                                                        https://pub-e78c2744dccf4257afcf7fafe0f41927.r2.dev/cmail.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                        • 151.101.1.140
                                                                                                                                                                                                                                                                                        https://sreqmcoommnunlty.com/bysre/tytik/polsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 151.101.195.52
                                                                                                                                                                                                                                                                                        http://btwebmailservicecare.weebly.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 151.101.1.46
                                                                                                                                                                                                                                                                                        ATGS-MMD-ASUShgfs.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 57.178.176.39
                                                                                                                                                                                                                                                                                        hgfs.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 48.14.181.15
                                                                                                                                                                                                                                                                                        hgfs.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 57.20.69.136
                                                                                                                                                                                                                                                                                        hgfs.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 32.243.105.186
                                                                                                                                                                                                                                                                                        hgfs.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 32.90.140.16
                                                                                                                                                                                                                                                                                        KKveTTgaAAsecNNaaaa.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 48.221.53.121
                                                                                                                                                                                                                                                                                        KKveTTgaAAsecNNaaaa.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 57.224.176.176
                                                                                                                                                                                                                                                                                        KKveTTgaAAsecNNaaaa.i686.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 57.43.170.15
                                                                                                                                                                                                                                                                                        KKveTTgaAAsecNNaaaa.i486.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 51.0.20.250

                                                                                                                                                                                                                                                                                        JA3 Fingerprints

                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                        fb0aa01abe9d8e4037eb3473ca6e2dcaDocument25.xlsmGet hashmaliciousScreenConnect Tool, AsyncRAT, StormKitty, VenomRATBrowse
                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                        VirusShare_661c60ba6e4e5e7864714aed6cda9d55.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                        AaxpYFDQ32.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                        am_no.batGet hashmaliciousAmadey, Credential Flusher, Healer AV Disabler, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousAmadey, Credential Flusher, GCleaner, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                        http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                        Ahnenblatt4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                        • 34.120.208.123

                                                                                                                                                                                                                                                                                        Dropped Files

                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)http://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                    https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmphttp://pixcams.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            https://dub.sh/CBJeBrPGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                      https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                                            Created / dropped Files

                                                                                                                                                                                                                                                                                                                            C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_fbb348d3-bae3-4f0f-9f4c-6d3e3b5fd6f3.json (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):7946
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.178065654700028
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:192:DMBM8Bd2tbhbVbTbfbRbObtbyEl7nUNjJA6unSrDtTkdxSofH:QiBtNhnzFSJ0N61nSrDhkdxz
                                                                                                                                                                                                                                                                                                                            MD5:B1B72AA7764DD41BD969F0114528E572
                                                                                                                                                                                                                                                                                                                            SHA1:F912E3D2618ED10BE07298CCDFE2A2671206B1B0
                                                                                                                                                                                                                                                                                                                            SHA-256:7A5012F3DE4AA87B56763FCAF4EFEAA9052D3F0F846668ACCEF624528FA30567
                                                                                                                                                                                                                                                                                                                            SHA-512:0F09156D644FE143B6868E60708F993AD9E6CC9977CF00611F3BF72CCE2944E7AD90902BDEF76AE14C164228980FE1171DF859F7ECD82F57C2C54A5EE4FCED0E
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"type":"uninstall","id":"fbb348d3-bae3-4f0f-9f4c-6d3e3b5fd6f3","creationDate":"2025-03-15T14:29:09.378Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"7340e351-fad3-4a0f-b554-971fbfafe8fb","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                            C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_fbb348d3-bae3-4f0f-9f4c-6d3e3b5fd6f3.json.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):7946
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.178065654700028
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:192:DMBM8Bd2tbhbVbTbfbRbObtbyEl7nUNjJA6unSrDtTkdxSofH:QiBtNhnzFSJ0N61nSrDhkdxz
                                                                                                                                                                                                                                                                                                                            MD5:B1B72AA7764DD41BD969F0114528E572
                                                                                                                                                                                                                                                                                                                            SHA1:F912E3D2618ED10BE07298CCDFE2A2671206B1B0
                                                                                                                                                                                                                                                                                                                            SHA-256:7A5012F3DE4AA87B56763FCAF4EFEAA9052D3F0F846668ACCEF624528FA30567
                                                                                                                                                                                                                                                                                                                            SHA-512:0F09156D644FE143B6868E60708F993AD9E6CC9977CF00611F3BF72CCE2944E7AD90902BDEF76AE14C164228980FE1171DF859F7ECD82F57C2C54A5EE4FCED0E
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"type":"uninstall","id":"fbb348d3-bae3-4f0f-9f4c-6d3e3b5fd6f3","creationDate":"2025-03-15T14:29:09.378Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"7340e351-fad3-4a0f-b554-971fbfafe8fb","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                            C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):586
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.167181319176672
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:12:tjnWHqk+9oBnFohs94tqnFohs6M3v4nFohs94tqnFohs6xQXGYD:EHqk+CQhsmPhsd3v3hsmPhshGU
                                                                                                                                                                                                                                                                                                                            MD5:FE745C095050001DB2F3135F059B410C
                                                                                                                                                                                                                                                                                                                            SHA1:BC909DB3FE00DAC97086ACE56E750F52D84C3BD5
                                                                                                                                                                                                                                                                                                                            SHA-256:5771BBE58714C587A2F329F21B69F2EC16CFA522C3B467A13B8DC76DCF4160D5
                                                                                                                                                                                                                                                                                                                            SHA-512:4220708F657A5D574A56D9F4852933EE0F79ACB9E27E3D1AC3B1B0DE63CC58F11791BE035C1E1CE6AFCFABD117384237913F2437955C879FB2FC758FB6AB1639
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:..***....2025-03-15 12:44:47.736000 UTC - [(null) 680: Main Thread]: I/Logger Opening log..2025-03-15 12:44:48.198000 UTC - [Parent 680: Main Thread]: D/Dump [Backstage.Dump] console.error: BackgroundUpdate: ..2025-03-15 12:44:48.198000 UTC - [Parent 680: Main Thread]: D/Dump [Backstage.Dump] runBackgroundTask: backgroundupdate..2025-03-15 12:44:48.198000 UTC - [Parent 680: Main Thread]: D/Dump [Backstage.Dump] console.error: BackgroundUpdate: ..2025-03-15 12:44:48.198000 UTC - [Parent 680: Main Thread]: D/Dump [Backstage.Dump] runBackgroundTask: another instance is running..

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):32768
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                                                            MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                                                            SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                                                            SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                                                            SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\tmpaddon

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):453023
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.997718157581587
                                                                                                                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                                                                                                                            SSDEEP:12288:tESTeqTI2r4ZbCgUKWKNeRcPMb6qlV7hVZe3:tEsed2Xh9/bdzZe3
                                                                                                                                                                                                                                                                                                                            MD5:85430BAED3398695717B0263807CF97C
                                                                                                                                                                                                                                                                                                                            SHA1:FFFBEE923CEA216F50FCE5D54219A188A5100F41
                                                                                                                                                                                                                                                                                                                            SHA-256:A9F4281F82B3579581C389E8583DC9F477C7FD0E20C9DFC91A2E611E21E3407E
                                                                                                                                                                                                                                                                                                                            SHA-512:06511F1F6C6D44D076B3C593528C26A602348D9C41689DBF5FF716B671C3CA5756B12CB2E5869F836DEDCE27B1A5CFE79B93C707FD01F8E84B620923BB61B5F1
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:PK.........bN...R..........gmpopenh264.dll..|.E.0.=..I.....1....4f1q.`.........q.....'+....h*m{.z..o_.{w........$..($A!...|L...B&A2.s.{..Dd......c.U.U..9u.S...K.l`...../.d.-....|.....&....9......wn..x......i.#O.+.Y.l......+....,3.3f..\..c.SSS,............N...GG...F.'.&.:'.K.Z&.>.@.g..M...M.`...*.........ZR....^jg.G.Kb.o~va.....<Z..1.#.O.e.....D..X..i..$imBW..Q&.......P.....,M.,..:.c...-...\......*.....-i.K.I..4.a..6..*...Ov=...W..F.CH.>...a.'.x...#@f...d..u.1....OV.1o}....g.5.._.3.J.Hi.Z.ipM....b.Z....%.G..F................/..3.q..J.....o...%.g.N.*.}..).3.N%.!..q*........^I.m..~...6.#.~+.....A...I]r...x..*.<IYj....p0..`S.M@.E..f.=.;!.@.....E..E....... .0.n....Jd..d......uM.-.qI.lR..z..=}..r.D.XLZ....x.$..|c.1.cUkM.&.Qn]..a]t.h..*.!.6 7..Jd.DvKJ"Wgd*%n...w...Jni.inmr.@M.$'Z.s....#)%..Rs..:.h....R....\..t.6..'.g.........Uj+F.cr:|..!..K.W.Y...17......,....r.....>.N..3.R.Y.._\...Ir.DNJdM... .k...&V-....z.%...-...D..i..&...6....7.2T).>..0..%.&.

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\40371339ad31a7e6.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):5488
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.3024941555987257
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:dR4bdf13Af/TIUx2dWoM152LN8zmOR4bdf13Af/swM+bpoqdWoM152LFX1RgmYRO:4dufkUgdw3zCdufI6BdwxEdufoadwT1
                                                                                                                                                                                                                                                                                                                            MD5:7FD461B3D0CA7A5AFEE988FE0FF1C6C1
                                                                                                                                                                                                                                                                                                                            SHA1:963D6959EC7D558F0A0E3974A5BC589E7617236B
                                                                                                                                                                                                                                                                                                                            SHA-256:94F44104F7AA31AB91A7B4E9101103010F0DE54098E62D8CFC349C72800B2F21
                                                                                                                                                                                                                                                                                                                            SHA-512:EA2BABA91DF84397E150377C1A9A598CA917730E47EE5DEF5E7524262837431369FA56ECFE1F0C3C1F64682861A1C0293C9BD1D9049C5D56ECBCA20E3C7531EA
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:...................................FL..................F.@.. ...p.......................S...........................P.O. .:i.....+00.../C:\.....................1.....EW.3..PROGRA~1..t......O.IoZ.e....B...............J.......j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WoZ.e............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WoZ.e..............................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z............Hsd.....C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):5488
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.3024941555987257
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:dR4bdf13Af/TIUx2dWoM152LN8zmOR4bdf13Af/swM+bpoqdWoM152LFX1RgmYRO:4dufkUgdw3zCdufI6BdwxEdufoadwT1
                                                                                                                                                                                                                                                                                                                            MD5:7FD461B3D0CA7A5AFEE988FE0FF1C6C1
                                                                                                                                                                                                                                                                                                                            SHA1:963D6959EC7D558F0A0E3974A5BC589E7617236B
                                                                                                                                                                                                                                                                                                                            SHA-256:94F44104F7AA31AB91A7B4E9101103010F0DE54098E62D8CFC349C72800B2F21
                                                                                                                                                                                                                                                                                                                            SHA-512:EA2BABA91DF84397E150377C1A9A598CA917730E47EE5DEF5E7524262837431369FA56ECFE1F0C3C1F64682861A1C0293C9BD1D9049C5D56ECBCA20E3C7531EA
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:...................................FL..................F.@.. ...p.......................S...........................P.O. .:i.....+00.../C:\.....................1.....EW.3..PROGRA~1..t......O.IoZ.e....B...............J.......j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WoZ.e............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WoZ.e..............................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z............Hsd.....C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\AP52OKF9K4PGMDDH0H4X.temp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                            Category:modified
                                                                                                                                                                                                                                                                                                                            Size (bytes):5488
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.3024941555987257
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:dR4bdf13Af/TIUx2dWoM152LN8zmOR4bdf13Af/swM+bpoqdWoM152LFX1RgmYRO:4dufkUgdw3zCdufI6BdwxEdufoadwT1
                                                                                                                                                                                                                                                                                                                            MD5:7FD461B3D0CA7A5AFEE988FE0FF1C6C1
                                                                                                                                                                                                                                                                                                                            SHA1:963D6959EC7D558F0A0E3974A5BC589E7617236B
                                                                                                                                                                                                                                                                                                                            SHA-256:94F44104F7AA31AB91A7B4E9101103010F0DE54098E62D8CFC349C72800B2F21
                                                                                                                                                                                                                                                                                                                            SHA-512:EA2BABA91DF84397E150377C1A9A598CA917730E47EE5DEF5E7524262837431369FA56ECFE1F0C3C1F64682861A1C0293C9BD1D9049C5D56ECBCA20E3C7531EA
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:...................................FL..................F.@.. ...p.......................S...........................P.O. .:i.....+00.../C:\.....................1.....EW.3..PROGRA~1..t......O.IoZ.e....B...............J.......j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WoZ.e............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WoZ.e..............................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z............Hsd.....C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\PCFN0MB4BHSFGI347J4V.temp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):5488
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.3024941555987257
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:dR4bdf13Af/TIUx2dWoM152LN8zmOR4bdf13Af/swM+bpoqdWoM152LFX1RgmYRO:4dufkUgdw3zCdufI6BdwxEdufoadwT1
                                                                                                                                                                                                                                                                                                                            MD5:7FD461B3D0CA7A5AFEE988FE0FF1C6C1
                                                                                                                                                                                                                                                                                                                            SHA1:963D6959EC7D558F0A0E3974A5BC589E7617236B
                                                                                                                                                                                                                                                                                                                            SHA-256:94F44104F7AA31AB91A7B4E9101103010F0DE54098E62D8CFC349C72800B2F21
                                                                                                                                                                                                                                                                                                                            SHA-512:EA2BABA91DF84397E150377C1A9A598CA917730E47EE5DEF5E7524262837431369FA56ECFE1F0C3C1F64682861A1C0293C9BD1D9049C5D56ECBCA20E3C7531EA
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:...................................FL..................F.@.. ...p.......................S...........................P.O. .:i.....+00.../C:\.....................1.....EW.3..PROGRA~1..t......O.IoZ.e....B...............J.......j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WoZ.e............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WoZ.e..............................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z............Hsd.....C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\h47hrvlz.MozillaBackgroundTask-308046B0AF4A39CB-backgroundupdate\compatibility.ini

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Windows WIN.INI
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):200
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.391255133360986
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:tZAQUsjcmktYWwktUp/UNE2aT/P4WX1rDZjrEFwHQ3ZjrEFwslyy:JWtYWXtUp8babN1rDVEFycVEFL
                                                                                                                                                                                                                                                                                                                            MD5:3FB561547A46AF02D6B00F86DC370634
                                                                                                                                                                                                                                                                                                                            SHA1:914867E4C763611B441835A3FC0082359FBF7277
                                                                                                                                                                                                                                                                                                                            SHA-256:5393F0E8D90EE6A26EAC13B81B83EDC0637487B3E427175021D7EC4CDE8E34A7
                                                                                                                                                                                                                                                                                                                            SHA-512:0E05486A6B6AD65D3A95FCFE46BE6687DD47E311374F11DE89F9CFB8C301951D6BFE43FA24851A3E759B6F8AF69A5F593568FB61F576AB52941F6B2B6EE54BC8
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:[Compatibility]..LastVersion=118.0.1_20230927232528/20230927232528..LastOSABI=WINNT_x86_64-msvc..LastPlatformDir=C:\Program Files\Mozilla Firefox..LastAppDir=C:\Program Files\Mozilla Firefox\browser..

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\h47hrvlz.MozillaBackgroundTask-308046B0AF4A39CB-backgroundupdate\prefs.js

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):484
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.934017531231027
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:12:j8sGCS2XKHYX6UlTSU9Mylau1yIV6YRNCL4MwR6Vx5:XnKH66UZ9Blz1zV61LF
                                                                                                                                                                                                                                                                                                                            MD5:A2AABDD83AD1B7A863F6A78C807305F6
                                                                                                                                                                                                                                                                                                                            SHA1:9F2CF40D8ABA9EA77742534B47336DC4A027317B
                                                                                                                                                                                                                                                                                                                            SHA-256:05B7320A5D259B45A0A49037E074EBA42A670AEDD96064F25320C9F258510197
                                                                                                                                                                                                                                                                                                                            SHA-512:929F9058FD2E24E336F2892EA6FF8835F7608AA08295CFBBCDCF998F623336A46476EBE97934F579022BFFE5463DB5A659C41D1C96A7CFA6CE53189454AB674E
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("browser.launcherProcess.enabled", true);..user_pref("toolkit.startup.last_success", 1742042687);..

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):4419
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.934814768146726
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:96:gXiNFS+OcPUFEOdwNIOdwBjvYVbsL0K88P:gXiNFS+OcUGOdwiOdwBjkYLr88P
                                                                                                                                                                                                                                                                                                                            MD5:4D02A3A556D4F82249C4A88530A4F062
                                                                                                                                                                                                                                                                                                                            SHA1:0F923B13EA96385FC5FDCA79F74F0FD46B706410
                                                                                                                                                                                                                                                                                                                            SHA-256:406650162C6C7298E46DB33514DC176CA74FF79C84165771B3284204FDAFA1CD
                                                                                                                                                                                                                                                                                                                            SHA-512:EE94A3D84BB3F926F96595D8137ED72FBC07787CF52EA92806D15B580AAE660FFEFE8D200859E61A83C34F0E7DD69C4E0A5E50862101C47BB51239D45E4D28CD
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"bookmarks-toolbar-default-on":{"slug":"bookmarks-toolbar-default-on","branch":{"slug":"treatment-a","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"enableBookmarksToolbar":"always"},"enabled":true,"featureId":"bookmarks"}]},"active":true,"enrollmentId":"d48f64a8-a4ab-4cdd-a650-4b386e41a201","experimentType":"nimbus","source":"rs-loader","userFacingName":"Bookmarks Toolbar Default On","userFacingDescription":"An experiment that turns the bookmarks toolbar on by default.","lastSeen":"2023-10-05T06:20:35.557Z","featureIds":["bookmarks"],"prefs":[{"name":"browser.toolbars.bookmarks.visibility","branch":"user","featureId":"bookmarks","variable":"enableBookmarksToolbar","originalValue":null}],"isRollout":false},"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-s

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):4419
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.934814768146726
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:96:gXiNFS+OcPUFEOdwNIOdwBjvYVbsL0K88P:gXiNFS+OcUGOdwiOdwBjkYLr88P
                                                                                                                                                                                                                                                                                                                            MD5:4D02A3A556D4F82249C4A88530A4F062
                                                                                                                                                                                                                                                                                                                            SHA1:0F923B13EA96385FC5FDCA79F74F0FD46B706410
                                                                                                                                                                                                                                                                                                                            SHA-256:406650162C6C7298E46DB33514DC176CA74FF79C84165771B3284204FDAFA1CD
                                                                                                                                                                                                                                                                                                                            SHA-512:EE94A3D84BB3F926F96595D8137ED72FBC07787CF52EA92806D15B580AAE660FFEFE8D200859E61A83C34F0E7DD69C4E0A5E50862101C47BB51239D45E4D28CD
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"bookmarks-toolbar-default-on":{"slug":"bookmarks-toolbar-default-on","branch":{"slug":"treatment-a","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"enableBookmarksToolbar":"always"},"enabled":true,"featureId":"bookmarks"}]},"active":true,"enrollmentId":"d48f64a8-a4ab-4cdd-a650-4b386e41a201","experimentType":"nimbus","source":"rs-loader","userFacingName":"Bookmarks Toolbar Default On","userFacingDescription":"An experiment that turns the bookmarks toolbar on by default.","lastSeen":"2023-10-05T06:20:35.557Z","featureIds":["bookmarks"],"prefs":[{"name":"browser.toolbars.bookmarks.visibility","branch":"user","featureId":"bookmarks","variable":"enableBookmarksToolbar","originalValue":null}],"isRollout":false},"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-s

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):5308
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                            MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                            SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                            SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                            SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):5308
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                            MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                            SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                            SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                            SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\addons.json (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):24
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                            MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                            SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                            SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                            SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\addons.json.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):24
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                            MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                            SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                            SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                            SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):262144
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.04905141882491872
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:DLSvwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:DKwae+QtMImelekKDa5
                                                                                                                                                                                                                                                                                                                            MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                                                                                                                                                                                                                                                                                            SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                                                                                                                                                                                                                                                                                            SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                                                                                                                                                                                                                                                                                            SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\crashes\store.json.mozlz4 (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):66
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                            MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                            SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                            SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                            SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\crashes\store.json.mozlz4.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):66
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                            MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                            SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                            SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                            SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\extensions.json (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):36830
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.185052013683835
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:768:AI4wvfCXh496G4C4U1W4z4xuHhvp4N4Tc4Z4S4t24U:AruBv3
                                                                                                                                                                                                                                                                                                                            MD5:10E2D85FEF0DB266E519048D63617FA8
                                                                                                                                                                                                                                                                                                                            SHA1:EBB307C44EBEFFA271AC58FDDE5C3A1BA52AE7B0
                                                                                                                                                                                                                                                                                                                            SHA-256:92143A48F55639B5BD01385D0E4E78EDED4F84401A91C12AC06251EE188CFE0E
                                                                                                                                                                                                                                                                                                                            SHA-512:164CBE725B44020AD40D165A1B1C242A7016ED8933AB9502D0D38E6CD99887D9DF49533DE54068AA4E5D8476C7791B52518A8477B8961475B7CB2C3AF54B81B1
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{87ef1fa3-cb84-4bbf-a615-45a1d14b629d}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\extensions.json.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):36830
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.185052013683835
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:768:AI4wvfCXh496G4C4U1W4z4xuHhvp4N4Tc4Z4S4t24U:AruBv3
                                                                                                                                                                                                                                                                                                                            MD5:10E2D85FEF0DB266E519048D63617FA8
                                                                                                                                                                                                                                                                                                                            SHA1:EBB307C44EBEFFA271AC58FDDE5C3A1BA52AE7B0
                                                                                                                                                                                                                                                                                                                            SHA-256:92143A48F55639B5BD01385D0E4E78EDED4F84401A91C12AC06251EE188CFE0E
                                                                                                                                                                                                                                                                                                                            SHA-512:164CBE725B44020AD40D165A1B1C242A7016ED8933AB9502D0D38E6CD99887D9DF49533DE54068AA4E5D8476C7791B52518A8477B8961475B7CB2C3AF54B81B1
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{87ef1fa3-cb84-4bbf-a615-45a1d14b629d}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):32768
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                            MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                            SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                            SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                            SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                            MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                            SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                            SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                            SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Antivirus:
                                                                                                                                                                                                                                                                                                                            • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                            Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                            • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                            MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                            SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                            SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                            SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Antivirus:
                                                                                                                                                                                                                                                                                                                            • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                            Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                            • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):116
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                            MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                            SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                            SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                            SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):116
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                            MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                            SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                            SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                            SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\permissions.sqlite

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):98304
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.07335892763187632
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:12:DBl/A0OWla0mwPxRymgObsCVR45wcYR4fmnsCVR4zki+:DLhesh7Owd4+ji+
                                                                                                                                                                                                                                                                                                                            MD5:1B4AF8ADD83BAD15B5F04E74DE13BB1B
                                                                                                                                                                                                                                                                                                                            SHA1:156FA3CA5AFE36B72ED3FF2B02E019806C117A34
                                                                                                                                                                                                                                                                                                                            SHA-256:29ABCF95CB83F4306BEF24BE60C07608DB1CC187C276C317B8294D956E1BA767
                                                                                                                                                                                                                                                                                                                            SHA-512:92755AD2602B4ED418D906241B4145EC1145BB7F7BF1E8008CB7BC23898338F1DAFB9275AA5FC1DFE800978AC187DB574E897B58C61D141CECE88E5F9ABB4D08
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ ..........................................................................j......~s..F~s........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):32768
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.039751381258926154
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:GHlhV5ebbXBqHlpfU2YllHlhV5ebbXBqHlpfUM4l8a9//Ylll4llqlyllel4lt:G7VLlxU2Il7VLlxUMoL9XIwlio
                                                                                                                                                                                                                                                                                                                            MD5:5DA47C07DB243B3E063BC52294BBAD5A
                                                                                                                                                                                                                                                                                                                            SHA1:1BC35E9F2C40BEB81D7FA63A1FC8A9FF546C797B
                                                                                                                                                                                                                                                                                                                            SHA-256:7EA21A976DD6960EC873D26AAEB516DE8800476D3618480E0E71FC23341A9F18
                                                                                                                                                                                                                                                                                                                            SHA-512:CC6F316F4ECB5873027879BCB065D4B10490D8D9DF0C25BFE4E11B90666818E857B0F2421535594F9787FFA0580E5038E36FFF8C33BBE78A4C8EB79D04B6A5F2
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:..-........................Lv.............*.qI..-........................Lv.............*.qI........................................................'...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):163992
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.09540118745634718
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:KV7oILxs9YC75xsMldCCQE/TSKCrsCs81xsayW4gmwljq2iEg:uVsTzJKDC8XVyW4U8
                                                                                                                                                                                                                                                                                                                            MD5:0FC34372AE958DCF61B1BAC1CE67E04A
                                                                                                                                                                                                                                                                                                                            SHA1:347EA7C6283428E2670C6261B7BC995BFC213B03
                                                                                                                                                                                                                                                                                                                            SHA-256:990930E24F2DCC6F4921D7D4F6E058C07F72E4A9C26F1DB24CDDC7D5D241EB24
                                                                                                                                                                                                                                                                                                                            SHA-512:CB5C26E32F8A5BE30923240E93446FA30DACC938115A1A9EBF778254D41D8E376791FCAED749CE5B077A71CA534592CE963F38DF3A43CDDD386632355A0DD156
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:7....-.................z...;.....................k...Y................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):14146
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.465400979390848
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:192:RnTFTRRUYbBp6HLZNMGaX16qU4aKzy+/3/7D35RYiNBw8sxSl:BKeGFNMARayC/dwj0
                                                                                                                                                                                                                                                                                                                            MD5:9918D939D787041555560E75D7240044
                                                                                                                                                                                                                                                                                                                            SHA1:A230F4860A7E4FEEC3652BF3E4C2E5D9499F9CDC
                                                                                                                                                                                                                                                                                                                            SHA-256:5F8801297EDEBDCF4EFF24CC12AE0C18807BC4936D9DF6118D487BCD3C98AB3D
                                                                                                                                                                                                                                                                                                                            SHA-512:87EF40B9CAFDE09C778BE98E8E36D080FB3FD62D36F3CA23980B8E51EC030B7AD5EB84D32EF87112EB9666F24B765647269A2317147DBA7261CE919B707AE72F
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.lastInstalledTaskVersion", 3);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1742048919);..user_pref("app.update.lastUpdateTime.background-update-timer", 1742048919);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1742048919);..user

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):14146
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.465400979390848
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:192:RnTFTRRUYbBp6HLZNMGaX16qU4aKzy+/3/7D35RYiNBw8sxSl:BKeGFNMARayC/dwj0
                                                                                                                                                                                                                                                                                                                            MD5:9918D939D787041555560E75D7240044
                                                                                                                                                                                                                                                                                                                            SHA1:A230F4860A7E4FEEC3652BF3E4C2E5D9499F9CDC
                                                                                                                                                                                                                                                                                                                            SHA-256:5F8801297EDEBDCF4EFF24CC12AE0C18807BC4936D9DF6118D487BCD3C98AB3D
                                                                                                                                                                                                                                                                                                                            SHA-512:87EF40B9CAFDE09C778BE98E8E36D080FB3FD62D36F3CA23980B8E51EC030B7AD5EB84D32EF87112EB9666F24B765647269A2317147DBA7261CE919B707AE72F
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.lastInstalledTaskVersion", 3);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1742048919);..user_pref("app.update.lastUpdateTime.background-update-timer", 1742048919);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1742048919);..user

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\protections.sqlite

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):65536
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:lSGBl/l/zl9l/AltllPltlnKollzvulJOlzALRWemFxu7TuRjBFbrl58lcV+wgn8:ltBl/lqN1K4BEJYqWvLue3FMOrMZ0l
                                                                                                                                                                                                                                                                                                                            MD5:60C09456D6362C6FBED48C69AA342C3C
                                                                                                                                                                                                                                                                                                                            SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                                                                                                                                                                                                                                                                                            SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                                                                                                                                                                                                                                                                                            SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):90
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                            MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                            SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                            SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                            SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):90
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                            MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                            SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                            SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                            SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionstore-backups\recovery.baklz4 (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):1573
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.331115947874033
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:v+USUGlcAxSkkuxLXnIgdE/pnxQwRlszT5sK9M3eHVvwKXT86amhujJmyOOxmOmm:GUpOxPkcunR623eNwCT74JNKRh4
                                                                                                                                                                                                                                                                                                                            MD5:6B0A77124311B9E43FB71AF4DDE86A17
                                                                                                                                                                                                                                                                                                                            SHA1:56E4BD753ECDFD9AC075E89F0F273D8B09F4478C
                                                                                                                                                                                                                                                                                                                            SHA-256:94C8D8D60BE81282CC9EC18689A06E3D53E4F515142F5A5B951870123E62989D
                                                                                                                                                                                                                                                                                                                            SHA-512:C6CEEA038F294025376E2003FF2A734D18F5EAEF738BAF185296DCFB7B2A90CF5C22FB995D4CC02181745FD83AD6EAD2F9834C0BEC06E4C2F218C028B0D19D11
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{02f1fd57-7dcb-48ca-bc0c-f40ed3f3fb4f}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1742048923250,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...1e296679-d131-4d1d-b89b-0e3611e804f3","zD..1...Wm..l........j..:....1":{..mUpdate...startTim..`888699...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...Abfc0b67c202aaf415a5b7a51708a5c3270bb6f2f7664428a48797f00afbef6fc","path":"/","na..a"taarI|.Recure...,`.Donly..eexpiry....895356,"originA...

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):1573
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.331115947874033
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:v+USUGlcAxSkkuxLXnIgdE/pnxQwRlszT5sK9M3eHVvwKXT86amhujJmyOOxmOmm:GUpOxPkcunR623eNwCT74JNKRh4
                                                                                                                                                                                                                                                                                                                            MD5:6B0A77124311B9E43FB71AF4DDE86A17
                                                                                                                                                                                                                                                                                                                            SHA1:56E4BD753ECDFD9AC075E89F0F273D8B09F4478C
                                                                                                                                                                                                                                                                                                                            SHA-256:94C8D8D60BE81282CC9EC18689A06E3D53E4F515142F5A5B951870123E62989D
                                                                                                                                                                                                                                                                                                                            SHA-512:C6CEEA038F294025376E2003FF2A734D18F5EAEF738BAF185296DCFB7B2A90CF5C22FB995D4CC02181745FD83AD6EAD2F9834C0BEC06E4C2F218C028B0D19D11
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{02f1fd57-7dcb-48ca-bc0c-f40ed3f3fb4f}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1742048923250,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...1e296679-d131-4d1d-b89b-0e3611e804f3","zD..1...Wm..l........j..:....1":{..mUpdate...startTim..`888699...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...Abfc0b67c202aaf415a5b7a51708a5c3270bb6f2f7664428a48797f00afbef6fc","path":"/","na..a"taarI|.Recure...,`.Donly..eexpiry....895356,"originA...

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):1573
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.331115947874033
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:v+USUGlcAxSkkuxLXnIgdE/pnxQwRlszT5sK9M3eHVvwKXT86amhujJmyOOxmOmm:GUpOxPkcunR623eNwCT74JNKRh4
                                                                                                                                                                                                                                                                                                                            MD5:6B0A77124311B9E43FB71AF4DDE86A17
                                                                                                                                                                                                                                                                                                                            SHA1:56E4BD753ECDFD9AC075E89F0F273D8B09F4478C
                                                                                                                                                                                                                                                                                                                            SHA-256:94C8D8D60BE81282CC9EC18689A06E3D53E4F515142F5A5B951870123E62989D
                                                                                                                                                                                                                                                                                                                            SHA-512:C6CEEA038F294025376E2003FF2A734D18F5EAEF738BAF185296DCFB7B2A90CF5C22FB995D4CC02181745FD83AD6EAD2F9834C0BEC06E4C2F218C028B0D19D11
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{02f1fd57-7dcb-48ca-bc0c-f40ed3f3fb4f}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1742048923250,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...1e296679-d131-4d1d-b89b-0e3611e804f3","zD..1...Wm..l........j..:....1":{..mUpdate...startTim..`888699...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...Abfc0b67c202aaf415a5b7a51708a5c3270bb6f2f7664428a48797f00afbef6fc","path":"/","na..a"taarI|.Recure...,`.Donly..eexpiry....895356,"originA...

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage.sqlite

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, user version 131075, last written using SQLite version 3042000, page size 512, file counter 4, database pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):4096
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):2.042811512334329
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:24:JBkSldh/cEUcR9PzNFPFHx/GJRBdkOrDcRB1trwDeAq2gRMyxr3:jkSWEUo9LXtR+JdkOnohYsl
                                                                                                                                                                                                                                                                                                                            MD5:21235938025E2102017AC8C9748948A4
                                                                                                                                                                                                                                                                                                                            SHA1:A1EED1C4588724A8396C95FC9923C0A33B360FF8
                                                                                                                                                                                                                                                                                                                            SHA-256:E34B06B180E3F73DC8E441650BB7FE694A9D58E927412D6ED40B0852B784824E
                                                                                                                                                                                                                                                                                                                            SHA-512:D334B419A2A75179C17D7F53BF65FCC132ADE03B21059F0007ACDBB08284A281D8CE1C1CC598E6A070024D0DAE158E2E9618E121342BE068E87A051FE33D6061
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\targeting.snapshot.json (copy)

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):4411
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.0092766497819134
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:48:YrSAY0HqUQZpExB1+anOdW6VhOGVpWJzzcsYMsku7f86SLAVL775FtsfAcbyJFde:yc0CTEr5NfJzzcBvbw6Kkvrc2Rn27
                                                                                                                                                                                                                                                                                                                            MD5:81C5E2D5B519F4F31230B773E967002C
                                                                                                                                                                                                                                                                                                                            SHA1:2E83B2C09FB261EDA21401CE9E71B55EBC155D6D
                                                                                                                                                                                                                                                                                                                            SHA-256:02C2404074E88C82DFBC184A4C81A0BD5C653865452C4493866E131B76F91930
                                                                                                                                                                                                                                                                                                                            SHA-512:DE0ECC0D9C44297D55BAD6500B808BE36F42CD09A92AA78CB3579865B28B144A0B938D66701C145AF50E27075356E522A848CC820B59CF91E08FE873400CC961
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-03-15T14:28:22.466Z","profileAgeCreated":1696486829272,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\targeting.snapshot.json.tmp

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):4411
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.0092766497819134
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:48:YrSAY0HqUQZpExB1+anOdW6VhOGVpWJzzcsYMsku7f86SLAVL775FtsfAcbyJFde:yc0CTEr5NfJzzcBvbw6Kkvrc2Rn27
                                                                                                                                                                                                                                                                                                                            MD5:81C5E2D5B519F4F31230B773E967002C
                                                                                                                                                                                                                                                                                                                            SHA1:2E83B2C09FB261EDA21401CE9E71B55EBC155D6D
                                                                                                                                                                                                                                                                                                                            SHA-256:02C2404074E88C82DFBC184A4C81A0BD5C653865452C4493866E131B76F91930
                                                                                                                                                                                                                                                                                                                            SHA-512:DE0ECC0D9C44297D55BAD6500B808BE36F42CD09A92AA78CB3579865B28B144A0B938D66701C145AF50E27075356E522A848CC820B59CF91E08FE873400CC961
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-03-15T14:28:22.466Z","profileAgeCreated":1696486829272,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\installs.ini

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):75
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.998409691329297
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:3:plqfnrYKYKuQf3BGvbr:raULJQJGvv
                                                                                                                                                                                                                                                                                                                            MD5:E3C379B675718AEF756F5EF5AFB59101
                                                                                                                                                                                                                                                                                                                            SHA1:8589047B7D7049922A3E88E7F0CA6378B5297BA8
                                                                                                                                                                                                                                                                                                                            SHA-256:40B3F9D3EC5B61A2BCA9E4BC15B0C797D60A84D404C012625BA82D82CC52D3CB
                                                                                                                                                                                                                                                                                                                            SHA-512:A614AB883FC865CB4C9B50F98BCF2A769683927EF232C3D360EE049ECACF56F460EA70FD65FB7FAE0700E80D31F481F4D774EDD71A86143F45A93D2746E8887E
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:[308046B0AF4A39CB]..Default=Profiles/2o7hffxt.default-release..Locked=1....

                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini

                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            File Type:Generic INItialization configuration [Profile1]
                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                            Size (bytes):456
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.207531980997597
                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                            SSDEEP:12:HuBtQJGvPO8uLMdI5bdfIRyMdIdQxETR5bWcWFvy:HuBcGvPOZLMdI1dfVMdIR6zFvy
                                                                                                                                                                                                                                                                                                                            MD5:FFCA36EB746B84FC1F0C5C4DC8D327A5
                                                                                                                                                                                                                                                                                                                            SHA1:A0BB340A656FC7B84024287139AF8B2209286215
                                                                                                                                                                                                                                                                                                                            SHA-256:44CFFA8B067239048B57E5F8B5C9B99744EEB8A9EAFC22593D86CDF51245CF90
                                                                                                                                                                                                                                                                                                                            SHA-512:42C2E0CADC338391F75077E391D1837555FBD5E35C32A8B2D4C59E5F34846D4AD38A4613694A99DC68FB5EDD35D6C21AFB0AE4A3BF0A3F244F43F532DBE1B746
                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                            Preview:[Install308046B0AF4A39CB]..Default=Profiles/2o7hffxt.default-release..Locked=1....[Profile1]..Name=default..IsRelative=1..Path=Profiles/0absryc3.default..Default=1....[Profile0]..Name=default-release..IsRelative=1..Path=Profiles/2o7hffxt.default-release....[General]..StartWithLastProfile=1..Version=2....[BackgroundTasksProfiles]..MozillaBackgroundTask-308046B0AF4A39CB-backgroundupdate=h47hrvlz.MozillaBackgroundTask-308046B0AF4A39CB-backgroundupdate....

                                                                                                                                                                                                                                                                                                                            Static File Info

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.693387788432424
                                                                                                                                                                                                                                                                                                                            TrID:
                                                                                                                                                                                                                                                                                                                            • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                            • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                            • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                            • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                            File name:random.exe
                                                                                                                                                                                                                                                                                                                            File size:966'144 bytes
                                                                                                                                                                                                                                                                                                                            MD5:7b263841e989d2a9f7d156e74cb36e6f
                                                                                                                                                                                                                                                                                                                            SHA1:daf7c46fc057c7e3dc266faacf89652cc1cf9720
                                                                                                                                                                                                                                                                                                                            SHA256:6457881894861cb853a08b65e3b63b2916f317ce6730338f0508cf84f5f930e8
                                                                                                                                                                                                                                                                                                                            SHA512:b5a569ddbaf01806babcb1676dd4d74ea94e3253c4a803fa70c2cba0ba456e20a943049dd54cdcf39b51fb30b65fe9ca812a047bf65a043c02c53c9649317ee1
                                                                                                                                                                                                                                                                                                                            SSDEEP:24576:JqDEvCTbMWu7rQYlBQcBiT6rprG8a3Uu:JTvC/MTQYxsWR7a3
                                                                                                                                                                                                                                                                                                                            TLSH:E7259E027391C062FFAB92334F5AF6515BBC69260123E61F13A81D79BE701B1563E7A3
                                                                                                                                                                                                                                                                                                                            File Content Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z....

                                                                                                                                                                                                                                                                                                                            File Icon

                                                                                                                                                                                                                                                                                                                            Icon Hash:aaf3e3e3938382a0

                                                                                                                                                                                                                                                                                                                            Static PE Info

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Entrypoint:0x420577
                                                                                                                                                                                                                                                                                                                            Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                            Digitally signed:false
                                                                                                                                                                                                                                                                                                                            Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                            Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                            Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                            DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                            Time Stamp:0x67D55D42 [Sat Mar 15 10:58:10 2025 UTC]
                                                                                                                                                                                                                                                                                                                            TLS Callbacks:
                                                                                                                                                                                                                                                                                                                            CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                            OS Version Major:5
                                                                                                                                                                                                                                                                                                                            OS Version Minor:1
                                                                                                                                                                                                                                                                                                                            File Version Major:5
                                                                                                                                                                                                                                                                                                                            File Version Minor:1
                                                                                                                                                                                                                                                                                                                            Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                            Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                            Import Hash:948cc502fe9226992dce9417f952fce3

                                                                                                                                                                                                                                                                                                                            Entrypoint Preview

                                                                                                                                                                                                                                                                                                                            Instruction
                                                                                                                                                                                                                                                                                                                            call 00007F6EECBB09C3h
                                                                                                                                                                                                                                                                                                                            jmp 00007F6EECBB02CFh
                                                                                                                                                                                                                                                                                                                            push ebp
                                                                                                                                                                                                                                                                                                                            mov ebp, esp
                                                                                                                                                                                                                                                                                                                            push esi
                                                                                                                                                                                                                                                                                                                            push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                            mov esi, ecx
                                                                                                                                                                                                                                                                                                                            call 00007F6EECBB04ADh
                                                                                                                                                                                                                                                                                                                            mov dword ptr [esi], 0049FDF0h
                                                                                                                                                                                                                                                                                                                            mov eax, esi
                                                                                                                                                                                                                                                                                                                            pop esi
                                                                                                                                                                                                                                                                                                                            pop ebp
                                                                                                                                                                                                                                                                                                                            retn 0004h
                                                                                                                                                                                                                                                                                                                            and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                            mov eax, ecx
                                                                                                                                                                                                                                                                                                                            and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                            mov dword ptr [ecx+04h], 0049FDF8h
                                                                                                                                                                                                                                                                                                                            mov dword ptr [ecx], 0049FDF0h
                                                                                                                                                                                                                                                                                                                            ret
                                                                                                                                                                                                                                                                                                                            push ebp
                                                                                                                                                                                                                                                                                                                            mov ebp, esp
                                                                                                                                                                                                                                                                                                                            push esi
                                                                                                                                                                                                                                                                                                                            push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                            mov esi, ecx
                                                                                                                                                                                                                                                                                                                            call 00007F6EECBB047Ah
                                                                                                                                                                                                                                                                                                                            mov dword ptr [esi], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                            mov eax, esi
                                                                                                                                                                                                                                                                                                                            pop esi
                                                                                                                                                                                                                                                                                                                            pop ebp
                                                                                                                                                                                                                                                                                                                            retn 0004h
                                                                                                                                                                                                                                                                                                                            and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                            mov eax, ecx
                                                                                                                                                                                                                                                                                                                            and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                            mov dword ptr [ecx+04h], 0049FE14h
                                                                                                                                                                                                                                                                                                                            mov dword ptr [ecx], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                            ret
                                                                                                                                                                                                                                                                                                                            push ebp
                                                                                                                                                                                                                                                                                                                            mov ebp, esp
                                                                                                                                                                                                                                                                                                                            push esi
                                                                                                                                                                                                                                                                                                                            mov esi, ecx
                                                                                                                                                                                                                                                                                                                            lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                            mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                            and dword ptr [eax], 00000000h
                                                                                                                                                                                                                                                                                                                            and dword ptr [eax+04h], 00000000h
                                                                                                                                                                                                                                                                                                                            push eax
                                                                                                                                                                                                                                                                                                                            mov eax, dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                            add eax, 04h
                                                                                                                                                                                                                                                                                                                            push eax
                                                                                                                                                                                                                                                                                                                            call 00007F6EECBB306Dh
                                                                                                                                                                                                                                                                                                                            pop ecx
                                                                                                                                                                                                                                                                                                                            pop ecx
                                                                                                                                                                                                                                                                                                                            mov eax, esi
                                                                                                                                                                                                                                                                                                                            pop esi
                                                                                                                                                                                                                                                                                                                            pop ebp
                                                                                                                                                                                                                                                                                                                            retn 0004h
                                                                                                                                                                                                                                                                                                                            lea eax, dword ptr [ecx+04h]
                                                                                                                                                                                                                                                                                                                            mov dword ptr [ecx], 0049FDD0h
                                                                                                                                                                                                                                                                                                                            push eax
                                                                                                                                                                                                                                                                                                                            call 00007F6EECBB30B8h
                                                                                                                                                                                                                                                                                                                            pop ecx
                                                                                                                                                                                                                                                                                                                            ret
                                                                                                                                                                                                                                                                                                                            push ebp
                                                                                                                                                                                                                                                                                                                            mov ebp, esp
                                                                                                                                                                                                                                                                                                                            push esi
                                                                                                                                                                                                                                                                                                                            mov esi, ecx
                                                                                                                                                                                                                                                                                                                            lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                            mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                            push eax
                                                                                                                                                                                                                                                                                                                            call 00007F6EECBB30A1h
                                                                                                                                                                                                                                                                                                                            test byte ptr [ebp+08h], 00000001h
                                                                                                                                                                                                                                                                                                                            pop ecx

                                                                                                                                                                                                                                                                                                                            Rich Headers

                                                                                                                                                                                                                                                                                                                            Programming Language:
                                                                                                                                                                                                                                                                                                                            • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                                                            • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                                                                                                            Data Directories

                                                                                                                                                                                                                                                                                                                            NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_IMPORT0xc8e640x17c.rdata
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_RESOURCE0xd40000x1529c.rsrc
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_BASERELOC0xea0000x7594.reloc
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_DEBUG0xb0ff00x1c.rdata
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_TLS0xc34000x18.rdata
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xb10100x40.rdata
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_IAT0x9c0000x894.rdata
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                            Sections

                                                                                                                                                                                                                                                                                                                            NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                            .text0x10000x9ab1d0x9ac000a1473f3064dcbc32ef93c5c8a90f3a6False0.565500681542811data6.668273581389308IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                            .rdata0x9c0000x2fb820x2fc00c9cf2468b60bf4f80f136ed54b3989fbFalse0.35289185209424084data5.691811547483722IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                            .data0xcc0000x706c0x480053b9025d545d65e23295e30afdbd16d9False0.04356553819444445DOS executable (block device driver @\273\)0.5846666986982398IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                            .rsrc0xd40000x1529c0x15400641e646e9fbea6924795afc19af3efcbFalse0.686328125data7.1151258032034805IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                            .reloc0xea0000x75940x7600c68ee8931a32d45eb82dc450ee40efc3False0.7628111758474576data6.7972128181359786IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                            Resources

                                                                                                                                                                                                                                                                                                                            NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd45f00x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd47180x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd48400x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd49680x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd4c500x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishGreat Britain0.5
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd4d780xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishGreat Britain0.2835820895522388
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd5c200x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishGreat Britain0.37906137184115524
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd64c80x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishGreat Britain0.23699421965317918
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd6a300x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishGreat Britain0.13858921161825727
                                                                                                                                                                                                                                                                                                                            RT_ICON0xd8fd80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishGreat Britain0.25070356472795496
                                                                                                                                                                                                                                                                                                                            RT_ICON0xda0800x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishGreat Britain0.3173758865248227
                                                                                                                                                                                                                                                                                                                            RT_MENU0xda4e80x50dataEnglishGreat Britain0.9
                                                                                                                                                                                                                                                                                                                            RT_DIALOG0xda5380xfcdataEnglishGreat Britain0.6507936507936508
                                                                                                                                                                                                                                                                                                                            RT_STRING0xda6340x594dataEnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                            RT_STRING0xdabc80x68adataEnglishGreat Britain0.2735961768219833
                                                                                                                                                                                                                                                                                                                            RT_STRING0xdb2540x490dataEnglishGreat Britain0.3715753424657534
                                                                                                                                                                                                                                                                                                                            RT_STRING0xdb6e40x5fcdataEnglishGreat Britain0.3087467362924282
                                                                                                                                                                                                                                                                                                                            RT_STRING0xdbce00x65cdataEnglishGreat Britain0.34336609336609336
                                                                                                                                                                                                                                                                                                                            RT_STRING0xdc33c0x466dataEnglishGreat Britain0.3605683836589698
                                                                                                                                                                                                                                                                                                                            RT_STRING0xdc7a40x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishGreat Britain0.502906976744186
                                                                                                                                                                                                                                                                                                                            RT_RCDATA0xdc8fc0xc420data1.0005178457616317
                                                                                                                                                                                                                                                                                                                            RT_GROUP_ICON0xe8d1c0x76dataEnglishGreat Britain0.6610169491525424
                                                                                                                                                                                                                                                                                                                            RT_GROUP_ICON0xe8d940x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                            RT_GROUP_ICON0xe8da80x14dataEnglishGreat Britain1.15
                                                                                                                                                                                                                                                                                                                            RT_GROUP_ICON0xe8dbc0x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                            RT_VERSION0xe8dd00xdcdataEnglishGreat Britain0.6181818181818182
                                                                                                                                                                                                                                                                                                                            RT_MANIFEST0xe8eac0x3efASCII text, with CRLF line terminatorsEnglishGreat Britain0.5074478649453823

                                                                                                                                                                                                                                                                                                                            Imports

                                                                                                                                                                                                                                                                                                                            DLLImport
                                                                                                                                                                                                                                                                                                                            WSOCK32.dllgethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect
                                                                                                                                                                                                                                                                                                                            VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
                                                                                                                                                                                                                                                                                                                            WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                                                                                                                                                                                                                                                                                            COMCTL32.dllImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create
                                                                                                                                                                                                                                                                                                                            MPR.dllWNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W
                                                                                                                                                                                                                                                                                                                            WININET.dllHttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable
                                                                                                                                                                                                                                                                                                                            PSAPI.DLLGetProcessMemoryInfo
                                                                                                                                                                                                                                                                                                                            IPHLPAPI.DLLIcmpSendEcho, IcmpCloseHandle, IcmpCreateFile
                                                                                                                                                                                                                                                                                                                            USERENV.dllDestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile
                                                                                                                                                                                                                                                                                                                            UxTheme.dllIsThemeActive
                                                                                                                                                                                                                                                                                                                            KERNEL32.dllDuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW
                                                                                                                                                                                                                                                                                                                            USER32.dllGetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient
                                                                                                                                                                                                                                                                                                                            GDI32.dllEndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath
                                                                                                                                                                                                                                                                                                                            COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                                                                                                                                                                                                                                                                                            ADVAPI32.dllGetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW
                                                                                                                                                                                                                                                                                                                            SHELL32.dllDragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW
                                                                                                                                                                                                                                                                                                                            ole32.dllCoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket
                                                                                                                                                                                                                                                                                                                            OLEAUT32.dllCreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture

                                                                                                                                                                                                                                                                                                                            Version Infos

                                                                                                                                                                                                                                                                                                                            DescriptionData
                                                                                                                                                                                                                                                                                                                            Translation0x0809 0x04b0

                                                                                                                                                                                                                                                                                                                            Possible Origin

                                                                                                                                                                                                                                                                                                                            Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                            EnglishGreat Britain

                                                                                                                                                                                                                                                                                                                            Network Behavior

                                                                                                                                                                                                                                                                                                                            Network Port Distribution

                                                                                                                                                                                                                                                                                                                            TCP Packets

                                                                                                                                                                                                                                                                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.179235935 CET49698443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.179271936 CET4434969835.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.183810949 CET49698443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.188484907 CET49698443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.188503027 CET4434969835.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.667599916 CET4434969835.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.667709112 CET49698443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.676119089 CET49698443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.676132917 CET4434969835.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.676251888 CET49698443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.676410913 CET4434969835.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.676656008 CET49698443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.493199110 CET49700443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.493232965 CET44349700172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.493877888 CET49700443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.495352030 CET49700443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.495368958 CET44349700172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.506845951 CET4970180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.511497021 CET804970134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.511562109 CET4970180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.511706114 CET4970180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.516391039 CET804970134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.741652012 CET49702443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.741678953 CET44349702172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.748183966 CET49702443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.751780033 CET49702443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.751791000 CET44349702172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.956130028 CET804970134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.005259991 CET4970180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.015019894 CET49703443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.015052080 CET4434970334.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.015419006 CET49703443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.016828060 CET49703443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.016839981 CET4434970334.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.156840086 CET44349700172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.156935930 CET49700443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.157429934 CET44349700172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.157494068 CET49700443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.327460051 CET49700443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.327493906 CET44349700172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.327568054 CET49700443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.327708960 CET44349700172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.331496954 CET49700443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.337970972 CET49704443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.337995052 CET4434970434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.338247061 CET49704443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.339652061 CET49704443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.339663982 CET4434970434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.341324091 CET4970580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.345942974 CET804970534.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.351598024 CET4970580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.351847887 CET4970580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.356540918 CET804970534.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.362092972 CET49706443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.362118006 CET4434970635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.364074945 CET49706443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.364074945 CET49706443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.364106894 CET4434970635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.411007881 CET44349702172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.411024094 CET44349702172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.411712885 CET44349702172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.412704945 CET49702443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.412728071 CET44349702172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.416788101 CET49702443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.416806936 CET44349702172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.416929007 CET49702443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.417004108 CET44349702172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.417337894 CET49707443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.417372942 CET44349707172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.418246031 CET49702443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.422024965 CET49707443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.426454067 CET49707443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.426470041 CET44349707172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.484386921 CET4434970334.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.484520912 CET49703443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.489099026 CET49703443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.489104986 CET4434970334.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.489244938 CET49703443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.489258051 CET4434970334.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.489628077 CET49708443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.489662886 CET4434970834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.499819994 CET49703443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.499826908 CET49708443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.501209021 CET49708443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.501220942 CET4434970834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.808959007 CET4434970434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.816332102 CET4434970434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.817953110 CET804970534.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.820656061 CET4434970635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.822495937 CET49706443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.822498083 CET49704443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.833062887 CET49704443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.833070993 CET4434970434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.833168983 CET49704443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.833326101 CET4434970434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.833622932 CET49709443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.833656073 CET4434970934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.841590881 CET49704443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.841651917 CET49709443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.845263958 CET49706443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.845288992 CET4434970635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.845648050 CET4434970635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.846705914 CET49709443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.846720934 CET4434970934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.853085995 CET49706443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.853161097 CET49706443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.853246927 CET4434970635.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.853480101 CET49706443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.853480101 CET49706443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.862689018 CET4970580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.981606960 CET4434970834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.981623888 CET4434970834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.983901978 CET49708443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.988559008 CET49710443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.988581896 CET4434971034.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.003988981 CET49710443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.028095961 CET49710443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.028109074 CET4434971034.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.061990976 CET49708443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.062010050 CET4434970834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.062052965 CET49708443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.062165022 CET4434970834.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.063357115 CET44349707172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.063853979 CET49708443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.063873053 CET49707443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.064060926 CET44349707172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.064527035 CET49707443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.081283092 CET49707443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.081296921 CET44349707172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.081475973 CET44349707172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.081484079 CET49707443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.081490993 CET44349707172.217.18.14192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.084718943 CET49707443192.168.2.6172.217.18.14
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.099791050 CET4970180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.099834919 CET4970580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.106376886 CET804970134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.106447935 CET804970534.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.109298944 CET4970180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.109328032 CET4970580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.318402052 CET4434970934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.318416119 CET4434970934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.318470955 CET49709443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.402224064 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.405803919 CET49709443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.405818939 CET4434970934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.405905008 CET49709443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.406044006 CET4434970934.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.406908035 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.410197020 CET49709443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.410257101 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.410554886 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.415172100 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.471996069 CET49712443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.472043991 CET4434971234.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.479394913 CET49712443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.484549999 CET49712443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.484563112 CET4434971234.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.485492945 CET4434971034.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.485510111 CET4434971034.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.488538980 CET49710443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.491245985 CET49710443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.491250992 CET4434971034.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.491481066 CET4434971034.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.493772030 CET49710443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.493899107 CET49710443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.493912935 CET4434971034.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.494262934 CET49713443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.494293928 CET4434971334.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.494966030 CET49710443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.495021105 CET49713443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.495194912 CET49713443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.495212078 CET4434971334.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.874206066 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.933851004 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.955153942 CET4434971234.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.955168009 CET4434971234.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.955262899 CET49712443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.957588911 CET4434971334.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.957730055 CET49713443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.960890055 CET49713443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.960896015 CET4434971334.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.961245060 CET4434971334.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.963973045 CET49712443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.963984013 CET4434971234.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964128017 CET4434971234.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964210987 CET49712443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964219093 CET4434971234.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964410067 CET49713443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964468002 CET49713443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964648962 CET4434971334.160.144.191192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964714050 CET49714443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964740038 CET4434971434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964762926 CET49713443192.168.2.634.160.144.191
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.964943886 CET49714443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.966367006 CET49714443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.966379881 CET4434971434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.172332048 CET4434971234.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.172535896 CET49712443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.240554094 CET4971580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.245234013 CET804971534.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.245306969 CET4971580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.245424986 CET4971580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.250101089 CET804971534.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.360578060 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.365384102 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.458024025 CET4434971434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.459182024 CET49714443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.459770918 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.464626074 CET49714443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.464644909 CET4434971434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.464705944 CET49714443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.464821100 CET4434971434.117.188.166192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.464904070 CET49714443192.168.2.634.117.188.166
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.513438940 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.665672064 CET4971580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.670531034 CET804971534.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.670597076 CET4971580192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.696882963 CET4971680192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.701661110 CET804971634.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.701906919 CET4971680192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.702047110 CET4971680192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.706680059 CET804971634.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.778458118 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.783224106 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.790199041 CET49717443192.168.2.635.83.47.198
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.790219069 CET4434971735.83.47.198192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.790307045 CET49717443192.168.2.635.83.47.198
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.791836977 CET49717443192.168.2.635.83.47.198
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.791847944 CET4434971735.83.47.198192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.877391100 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.936784029 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.048254967 CET4971680192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.059902906 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.063523054 CET804971634.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.064627886 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.065857887 CET4971680192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.065912008 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.066124916 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.070785046 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.513614893 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.553173065 CET4434971735.83.47.198192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.560327053 CET4434971735.83.47.198192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.568126917 CET49717443192.168.2.635.83.47.198
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.578907013 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.614136934 CET49717443192.168.2.635.83.47.198
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.614149094 CET4434971735.83.47.198192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.614223957 CET49717443192.168.2.635.83.47.198
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.614386082 CET4434971735.83.47.198192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.620755911 CET49717443192.168.2.635.83.47.198
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.891066074 CET49719443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.891103983 CET4434971935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.891561031 CET49719443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.891720057 CET49719443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.891731977 CET4434971935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.943953037 CET49720443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.943977118 CET4434972034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.950133085 CET49720443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.955171108 CET49720443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.955223083 CET4434972034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.959336042 CET49721443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.959343910 CET4434972134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.960001945 CET49721443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.961601019 CET49721443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.961611986 CET4434972134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.111897945 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.116682053 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.128916979 CET49722443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.128954887 CET4434972234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.130430937 CET49722443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.131902933 CET49722443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.131917000 CET4434972234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.210572004 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.250919104 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.345729113 CET4434971935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.347537994 CET49719443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.350605011 CET49719443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.350611925 CET4434971935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.350881100 CET4434971935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.353125095 CET49719443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.353205919 CET49719443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.353310108 CET4434971935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.359441042 CET49719443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.420605898 CET4434972034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.427407980 CET49720443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.429816008 CET4434972134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.432112932 CET49720443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.432136059 CET4434972034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.432157040 CET49720443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.432343960 CET49721443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.432374001 CET4434972034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.432573080 CET49720443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.436186075 CET49721443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.436189890 CET4434972134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.436270952 CET49721443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.436528921 CET4434972134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.439495087 CET49721443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.613260031 CET4434972234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.613349915 CET49722443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.618221998 CET49722443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.618233919 CET4434972234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.618307114 CET49722443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.618398905 CET4434972234.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.618494987 CET49722443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:46.257617950 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:46.262341976 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:46.353322983 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:46.401257038 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.388349056 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.393040895 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.403443098 CET49725443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.403472900 CET4434972534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.403543949 CET49725443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.404967070 CET49725443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.404973030 CET4434972534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.487473965 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.525299072 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.530090094 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.535777092 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.549309969 CET49726443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.549346924 CET4434972634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.549576998 CET49726443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.549686909 CET49726443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.549696922 CET4434972634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.550247908 CET49727443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.550297976 CET4434972734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.550405025 CET49727443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.550517082 CET49727443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.550524950 CET4434972734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.620413065 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.673765898 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.872131109 CET4434972534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.876353979 CET4434972534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.886923075 CET49725443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.004697084 CET4434972634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.004765034 CET49726443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.007102966 CET49726443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.007114887 CET4434972634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.007385969 CET4434972634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.014130116 CET49725443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.014151096 CET4434972534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.014269114 CET49725443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.014399052 CET4434972534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.014482021 CET49726443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.014556885 CET49726443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.014760971 CET4434972634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.015738964 CET49725443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.015748978 CET49726443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.017806053 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.020456076 CET49728443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.020484924 CET4434972834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.020773888 CET49728443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.022152901 CET49728443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.022161961 CET4434972834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.022564888 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.039289951 CET4434972734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.039371967 CET49727443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.046708107 CET49727443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.046719074 CET4434972734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.046973944 CET4434972734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.049405098 CET49727443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.049490929 CET49727443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.049544096 CET4434972734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.049839973 CET49727443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.116715908 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.156491041 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.487195015 CET4434972834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.492322922 CET4434972834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.499243021 CET49728443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.344692945 CET49728443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.344722986 CET4434972834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.344770908 CET49728443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.345056057 CET4434972834.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.347599030 CET49728443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.642687082 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.647469044 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.650981903 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.655795097 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.737828016 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.749408007 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.795816898 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.795821905 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.701289892 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.706091881 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.796278000 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.848558903 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.856712103 CET49731443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.856754065 CET4434973134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.863349915 CET49731443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.864825010 CET49731443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.864839077 CET4434973134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.369828939 CET4434973134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.369844913 CET4434973134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.369891882 CET49731443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.419048071 CET49731443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.426538944 CET49731443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.426552057 CET4434973134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.426611900 CET49731443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.426779032 CET4434973134.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.427042007 CET49731443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.456645966 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.461370945 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.555476904 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.603991032 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:53.402575016 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:53.407291889 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:53.497395039 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:53.537897110 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.446532011 CET49732443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.446620941 CET4434973234.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.446769953 CET49732443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.448137999 CET49732443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.448172092 CET4434973234.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.573127985 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.577934027 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.902245045 CET4434973234.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.902352095 CET49732443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.906759977 CET49732443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.906765938 CET4434973234.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.906862974 CET49732443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.906951904 CET4434973234.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.907058001 CET49732443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.910254955 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.914921999 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:03.008832932 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:03.012227058 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:03.016870975 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:03.052436113 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:03.107214928 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:03.152712107 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.571392059 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.571440935 CET4434973335.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.573837996 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.574003935 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.574017048 CET4434973335.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.590779066 CET49734443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.590823889 CET4434973434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.595824003 CET49734443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.596090078 CET49734443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.596102953 CET4434973434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.596867085 CET49735443192.168.2.6151.101.129.91
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.596909046 CET44349735151.101.129.91192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.597292900 CET49735443192.168.2.6151.101.129.91
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.597431898 CET49735443192.168.2.6151.101.129.91
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.597443104 CET44349735151.101.129.91192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.618108034 CET49736443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.618132114 CET4434973635.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.623187065 CET49736443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.624628067 CET49736443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.624638081 CET4434973635.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.635926962 CET49737443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.635962009 CET4434973734.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.640873909 CET49737443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.642371893 CET49737443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.642384052 CET4434973734.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.029057026 CET4434973335.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.029135942 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.032546043 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.032557011 CET4434973335.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.032799006 CET4434973335.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.034878016 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.034970045 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.035028934 CET4434973335.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.042213917 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.044328928 CET4434973335.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.045929909 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.045955896 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.046075106 CET49733443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.046876907 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.054632902 CET44349735151.101.129.91192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.054990053 CET49735443192.168.2.6151.101.129.91
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.057923079 CET49735443192.168.2.6151.101.129.91
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.057955980 CET44349735151.101.129.91192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.058368921 CET44349735151.101.129.91192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.060292959 CET49735443192.168.2.6151.101.129.91
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.060391903 CET49735443192.168.2.6151.101.129.91
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.060482025 CET44349735151.101.129.91192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.060578108 CET49735443192.168.2.6151.101.129.91
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.070954084 CET49738443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.071003914 CET4434973835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.071266890 CET49738443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.071408987 CET49738443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.071420908 CET4434973835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.073632002 CET49739443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.073664904 CET4434973935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.075742960 CET49740443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.075824022 CET4434974035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.076020002 CET49739443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.076031923 CET49740443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.076128006 CET49739443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.076138973 CET4434973935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.076267004 CET49740443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.076298952 CET4434974035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.080107927 CET4434973434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.080552101 CET49734443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.083496094 CET49734443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.083502054 CET4434973434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.083846092 CET4434973434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.085897923 CET49734443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.085985899 CET49734443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.086098909 CET4434973434.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.086395025 CET49734443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.096960068 CET4434973635.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.097100973 CET49736443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.099971056 CET4434973734.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.100121021 CET49737443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.103565931 CET49736443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.103574991 CET4434973635.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.103658915 CET49736443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.103734970 CET4434973635.190.72.216192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.104512930 CET49736443192.168.2.635.190.72.216
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.105133057 CET49737443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.105148077 CET4434973734.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.105230093 CET49737443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.105292082 CET4434973734.49.51.44192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.106787920 CET49737443192.168.2.634.49.51.44
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.117188931 CET49741443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.117230892 CET4434974134.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.117872000 CET49741443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.118015051 CET49741443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.118026972 CET4434974134.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.146065950 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.149013996 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.153654099 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.201325893 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.244040966 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.301606894 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.525376081 CET4434973835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.525441885 CET49738443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.528376102 CET49738443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.528398991 CET4434973835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.528650999 CET4434973835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.531217098 CET49738443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.531321049 CET49738443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.531378031 CET4434973835.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.531641006 CET49738443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.533941984 CET4434974035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.535789967 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.536786079 CET49740443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.539410114 CET49740443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.539427996 CET4434974035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.539702892 CET4434974035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.540505886 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.542315960 CET49740443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.542459965 CET49740443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.542469978 CET4434974035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.542479992 CET4434974035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.546720982 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.550781012 CET4434973935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.551146030 CET49739443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.551436901 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.551609039 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.553534031 CET49739443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.553539038 CET4434973935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.553750038 CET4434973935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.553833961 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.556461096 CET49739443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.556526899 CET49739443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.556583881 CET4434973935.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.558568001 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.558964968 CET49739443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.583368063 CET4434974134.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.583441019 CET49741443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.586617947 CET49741443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.586628914 CET4434974134.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.586855888 CET4434974134.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.589143038 CET49741443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.589205027 CET49741443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.589315891 CET4434974134.149.100.209192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.590339899 CET49741443192.168.2.634.149.100.209
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.634443998 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.637500048 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.642270088 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.680593967 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.732866049 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.752326965 CET4434974035.244.181.201192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.752392054 CET49740443192.168.2.635.244.181.201
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.780898094 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.162405968 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.162452936 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.162507057 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.162549019 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.163906097 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.163942099 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.163963079 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.163978100 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.164036036 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.166526079 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.166559935 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.166593075 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.166652918 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.169110060 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.169162989 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.169167995 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.169197083 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.169250965 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.172940969 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.172975063 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.173012972 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.173015118 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.219805002 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.248944044 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.249100924 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.249152899 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.249186039 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.249212980 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.249221087 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.249257088 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.249327898 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.250515938 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.250567913 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.250602007 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.250636101 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.250652075 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.250722885 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.250827074 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.250855923 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.250926971 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.253299952 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.253351927 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.253386021 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.253418922 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.253427982 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.253454924 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.253504992 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.255906105 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.255939960 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.255974054 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.255997896 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.256006002 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.256041050 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.256097078 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.259587049 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.259618998 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.259653091 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.259705067 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.259835005 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.259867907 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.259884119 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.259902000 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.259948969 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.335829020 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.335841894 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.335854053 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.335866928 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.335879087 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.336100101 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.336114883 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.336153984 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.336324930 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.336334944 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.336348057 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.336359024 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.336443901 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337126970 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337172985 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337264061 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337265015 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337275982 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337286949 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337299109 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337356091 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337860107 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337874889 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337884903 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.337935925 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.339952946 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.339963913 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.339975119 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.339984894 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340002060 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340157986 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340286970 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340303898 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340322971 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340333939 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340337038 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340347052 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340373039 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.340516090 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.341068029 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.341079950 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.341095924 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.341108084 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.341123104 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.341217041 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342436075 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342447042 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342458010 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342483997 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342567921 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342598915 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342608929 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342621088 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342673063 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342984915 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.342995882 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.343007088 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.343019009 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.343030930 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.343031883 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.343265057 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346175909 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346220970 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346224070 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346246958 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346298933 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346318960 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346472979 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346483946 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346496105 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346507072 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346528053 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346553087 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346777916 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346810102 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346821070 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346829891 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346831083 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.346884966 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423269987 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423290014 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423307896 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423319101 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423331976 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423342943 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423348904 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423355103 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423366070 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423377037 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423388004 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423398972 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423409939 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423422098 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423434019 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423446894 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423523903 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423634052 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423887968 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423904896 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423917055 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.423928976 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.424040079 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.424108982 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.424120903 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.424135923 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.424146891 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.424150944 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.424223900 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427470922 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427481890 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427498102 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427510023 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427520990 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427531958 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427542925 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427556038 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427566051 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427577972 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427581072 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427589893 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427617073 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427628040 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427638054 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427793980 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427896023 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427961111 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427970886 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.427978992 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.428045034 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.428056955 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.428060055 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.428069115 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.428080082 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.428098917 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.428335905 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.429359913 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.429668903 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.429821014 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.429954052 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.429965019 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.429975986 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.429986954 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430002928 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430015087 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430027008 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430037022 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430047989 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430059910 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430072069 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430540085 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430552006 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430680037 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430691957 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430701017 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.430715084 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433285952 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433448076 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433459997 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433473110 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433549881 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433561087 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433577061 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433588982 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433598995 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433610916 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433623075 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433634043 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433645010 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.433655977 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.434155941 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.434310913 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.434324026 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.434334993 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.434346914 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.434365034 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.434376955 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.434391022 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.436052084 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.442591906 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.442713976 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.442784071 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.442868948 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509392023 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509417057 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509428978 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509466887 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509474039 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509485960 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509491920 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509502888 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509522915 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509526968 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509533882 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509546041 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509557962 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509568930 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509669065 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509799957 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509907961 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509919882 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509939909 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509952068 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509960890 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509973049 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.509979010 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510036945 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510106087 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510118008 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510138988 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510150909 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510164022 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510176897 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510178089 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510206938 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510806084 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510823965 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510835886 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510848045 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510854006 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510859966 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510869026 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.510946989 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511184931 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511195898 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511207104 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511220932 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511233091 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511240959 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511274099 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511641026 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511651993 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511663914 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511674881 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511687040 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511698008 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511699915 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511708975 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511719942 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511732101 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511743069 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.511809111 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.513454914 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.513521910 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.513530970 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.513534069 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.513546944 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.513557911 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.513562918 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.513570070 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.513660908 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514328957 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514341116 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514354944 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514367104 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514378071 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514389038 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514393091 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514400005 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514410973 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514417887 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514422894 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514434099 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514450073 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514463902 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514698029 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.514709949 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.515440941 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.515763044 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.515774012 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.515810013 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516009092 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516026974 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516040087 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516051054 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516057014 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516062975 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516073942 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516087055 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516098022 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516109943 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516125917 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516139030 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516150951 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516211987 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516638994 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516650915 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516661882 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516685963 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516699076 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516710997 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516716003 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516729116 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516731024 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516735077 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.516838074 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519793987 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519805908 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519817114 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519838095 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519850016 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519851923 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519866943 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519880056 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519886971 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519891977 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519898891 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519975901 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519984007 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519988060 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.519999027 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520015955 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520016909 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520028114 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520040035 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520051956 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520068884 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520081997 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520091057 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520092964 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520103931 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520107985 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520113945 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520126104 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520138025 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520147085 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520198107 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.520315886 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.559427977 CET5595453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.564064980 CET53559541.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.564133883 CET5595453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.564157009 CET5595453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.568780899 CET53559541.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596101046 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596167088 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596234083 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596261024 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596272945 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596285105 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596297026 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596321106 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596333981 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596344948 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596369982 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596381903 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596394062 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596406937 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596416950 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596417904 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596431017 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596533060 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596541882 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596544027 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596554995 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596568108 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596580982 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596594095 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596621990 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596678019 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596695900 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596708059 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596714020 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596719027 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596730947 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596744061 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596750021 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596755981 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596767902 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596785069 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596795082 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596807003 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596810102 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596818924 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596831083 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.596868992 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597434044 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597476006 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597486973 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597498894 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597573996 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597589016 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597600937 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597651005 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597662926 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597680092 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597697973 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597709894 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597723007 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597734928 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597785950 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.597896099 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600346088 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600363016 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600374937 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600388050 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600399971 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600414991 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600425005 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600429058 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600462914 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600488901 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600500107 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600513935 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600526094 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600538015 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600548983 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600559950 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600584030 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600588083 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600599051 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600610971 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600622892 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600635052 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600647926 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600658894 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.600877047 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.602857113 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.602869034 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.602885962 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.602899075 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.602916956 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.602982044 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.602993011 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603004932 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603014946 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603017092 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603029966 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603081942 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603094101 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603105068 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603116989 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603135109 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603147030 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603153944 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603157997 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603178024 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603189945 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603204012 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603214979 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603220940 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603229046 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.603272915 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606560946 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606690884 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606703043 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606714010 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606724977 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606733084 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606744051 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606755018 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606772900 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606784105 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606795073 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606806993 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606813908 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606820107 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606831074 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606842995 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606854916 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606868982 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.606879950 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.607021093 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.036684036 CET53559541.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.038568974 CET5595453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.043406010 CET53559541.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.043608904 CET5595453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.527360916 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.532026052 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.625636101 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.633430958 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.638103962 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.670732021 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.728344917 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.770997047 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:16.611680984 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:16.616507053 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:17.636784077 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:17.641588926 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:17.737021923 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:17.741786957 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.440299034 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.444968939 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.539119959 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.542141914 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.546828032 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.581893921 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.636986017 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.682176113 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.019243956 CET55959443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.019284964 CET4435595934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.019602060 CET55959443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.021032095 CET55959443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.021047115 CET4435595934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.507126093 CET4435595934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.507196903 CET55959443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.511308908 CET55959443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.511318922 CET4435595934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.511404037 CET55959443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.511518955 CET4435595934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.511974096 CET55959443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.513739109 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.518431902 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.613051891 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.615983963 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.620754004 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.653830051 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.710958004 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.754091978 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:26.625041962 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:26.629806042 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:33.614715099 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:33.619343042 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:33.715147972 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:33.719827890 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684063911 CET55960443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684096098 CET4435596034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684223890 CET55961443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684252024 CET4435596134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684340000 CET55962443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684379101 CET4435596234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684442043 CET55963443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684461117 CET4435596334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684559107 CET55964443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684571981 CET4435596434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684678078 CET55965443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684688091 CET4435596534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685007095 CET55960443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685024023 CET55961443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685024977 CET55962443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685125113 CET55965443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685125113 CET55964443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685126066 CET55963443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685249090 CET55960443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685266018 CET4435596034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685373068 CET55965443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685384989 CET4435596534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685440063 CET55964443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685451031 CET4435596434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685503960 CET55963443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685516119 CET4435596334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685568094 CET55962443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685579062 CET4435596234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685632944 CET55961443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.685641050 CET4435596134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.154237986 CET4435596334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.154319048 CET55963443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.155029058 CET4435596034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.155086994 CET4435596234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.155191898 CET55960443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.155210018 CET55962443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.155210972 CET4435596434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.155244112 CET4435596134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.155432940 CET55964443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.155530930 CET55961443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.158137083 CET55963443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.158160925 CET4435596334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.158453941 CET4435596334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.160763025 CET4435596534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.160909891 CET55964443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.160931110 CET4435596434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.161180019 CET55965443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.161180973 CET4435596434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.163505077 CET55962443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.163510084 CET4435596234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.163779020 CET4435596234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.165872097 CET55961443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.165879011 CET4435596134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.166291952 CET4435596134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.168426991 CET55960443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.168443918 CET4435596034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.168741941 CET4435596034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.171098948 CET55965443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.171112061 CET4435596534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.171653986 CET4435596534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.177644014 CET55963443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.177767038 CET55963443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.177920103 CET4435596334.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.178251028 CET55966443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.178287983 CET4435596634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185158014 CET55964443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185308933 CET55962443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185328007 CET55961443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185446978 CET4435596434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185491085 CET4435596234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185501099 CET55961443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185578108 CET55962443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185584068 CET4435596234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185607910 CET4435596134.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185623884 CET55964443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.185640097 CET4435596434.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.186063051 CET55967443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.186117887 CET4435596734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.188317060 CET55961443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.188357115 CET55963443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.188404083 CET55966443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.188416958 CET55964443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.192338943 CET55966443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.192354918 CET4435596634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.195208073 CET55960443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.195307016 CET55960443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.195487976 CET4435596034.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.195550919 CET55965443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.195600986 CET55965443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.195765018 CET4435596534.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.197014093 CET55961443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.197098970 CET55960443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.197112083 CET55967443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.197308064 CET55967443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.197331905 CET4435596734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.197442055 CET55965443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.199084997 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.203727961 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.298275948 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.301618099 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.306618929 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.346309900 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.392329931 CET4435596234.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.392394066 CET55962443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.397687912 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.451356888 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.664802074 CET4435596634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.664835930 CET4435596634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.664897919 CET55966443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.668322086 CET55966443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.668340921 CET4435596634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.668603897 CET4435596634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.668843985 CET4435596734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.668858051 CET4435596734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.670274019 CET55967443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.672687054 CET55967443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.672712088 CET4435596734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.672969103 CET4435596734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.673388958 CET55966443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.673500061 CET55966443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.673595905 CET4435596634.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.674170017 CET55966443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.675818920 CET55967443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.675879955 CET55967443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.675982952 CET4435596734.120.208.123192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.676479101 CET55967443192.168.2.634.120.208.123
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.731280088 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.736615896 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.831538916 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.861394882 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.868062019 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.890340090 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.956695080 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:36.005214930 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:36.633364916 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:36.638092041 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:45.846703053 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:45.962603092 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:45.989836931 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:45.989852905 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:46.649104118 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:46.653795004 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:55.992451906 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:55.992454052 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:55.997132063 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:55.997144938 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:56.663310051 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:56.667982101 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.667896032 CET55969443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.667920113 CET4435596934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.668036938 CET55969443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.669624090 CET55969443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.669641018 CET4435596934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.123809099 CET4435596934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.123986006 CET55969443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.129297018 CET55969443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.129322052 CET4435596934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.129400015 CET55969443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.129494905 CET4435596934.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.130326986 CET55969443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.132955074 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.137763977 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.231631994 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.235742092 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.240515947 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.285326004 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.331546068 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.385581970 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:06.676851988 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:06.682316065 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:14.245356083 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:14.250160933 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:14.345663071 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:14.350533962 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:16.689609051 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:16.694300890 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:24.256326914 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:24.261032104 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:24.356079102 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:24.362063885 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:26.716414928 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:26.721040010 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:34.269257069 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:34.273894072 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:34.369587898 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:34.374638081 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:36.727694035 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:36.732470989 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:44.287739992 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:44.292424917 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:44.387953043 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:44.392616034 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:46.741584063 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:46.746303082 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:54.293256044 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:54.297914028 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:54.394202948 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:54.398916960 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:56.753379107 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:56.758152008 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:02.238554001 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:02.243607998 CET80497422.22.61.56192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:02.243714094 CET4974280192.168.2.62.22.61.56
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:04.305368900 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:04.310219049 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:04.405667067 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:04.410878897 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:14.319648027 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:14.324379921 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:14.424231052 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:14.429135084 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.332518101 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.337269068 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.432832003 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.437552929 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.502188921 CET55970443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.502221107 CET4435597034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.502770901 CET55970443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.504225016 CET55970443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.504241943 CET4435597034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.959630966 CET4435597034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.959712029 CET55970443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.965017080 CET55970443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.965039968 CET4435597034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.965135098 CET55970443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.965192080 CET4435597034.107.243.93192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.965333939 CET55970443192.168.2.634.107.243.93
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.967545033 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.972327948 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.067111969 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.070964098 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.075648069 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.119335890 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.166706085 CET804971834.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.219474077 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:35.070616007 CET4971180192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:35.075450897 CET804971134.107.221.82192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:35.170887947 CET4971880192.168.2.634.107.221.82
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:35.175690889 CET804971834.107.221.82192.168.2.6

                                                                                                                                                                                                                                                                                                                            UDP Packets

                                                                                                                                                                                                                                                                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.182782888 CET6427853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.190512896 CET53642781.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.191323996 CET5457753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.198494911 CET53545771.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.469432116 CET5584053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.470531940 CET6186853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.476464987 CET53558401.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.477226973 CET53618681.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.484258890 CET5440253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.491404057 CET53544021.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.496161938 CET5062253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.496540070 CET5227653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.503106117 CET53506221.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.503381968 CET53522761.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.506366014 CET5045653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.514153004 CET53504561.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.006588936 CET5959753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.007956982 CET5605853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.013550997 CET53595971.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.014576912 CET53560581.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.015312910 CET6187153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.017302990 CET5609553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.021985054 CET53618711.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.024086952 CET53560951.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.026518106 CET6453853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.033266068 CET53645381.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.329929113 CET5318353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.330480099 CET5963153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.336441994 CET53531831.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.337253094 CET53596311.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.338169098 CET6446853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.344926119 CET53644681.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.364878893 CET5158653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.365056038 CET6527453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.371476889 CET53515861.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.371658087 CET53652741.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.383925915 CET6262553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.391052961 CET53626251.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.938494921 CET5804253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.945175886 CET53580421.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.012379885 CET5935353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.018930912 CET53593531.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.032258987 CET5446553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.039190054 CET53544651.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.781462908 CET6362853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.789324045 CET53636281.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.790491104 CET5389953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.807432890 CET53538991.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.808007002 CET5377853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.816190004 CET53537781.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.071055889 CET5479153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.079474926 CET53547911.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.082256079 CET6464153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.089157104 CET53646411.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.094291925 CET5803153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.101104021 CET53580311.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.883563042 CET5031453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.891926050 CET53503141.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.893274069 CET5513753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.900662899 CET53551371.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.901715040 CET5359353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.909769058 CET53535931.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.959892035 CET6168853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.966295004 CET53616881.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.982819080 CET6482253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.989873886 CET53648221.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.116216898 CET5481153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.122934103 CET53548111.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.129729033 CET5948353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.136333942 CET53594831.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.137428999 CET5020453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.144300938 CET53502041.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.020611048 CET5670253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.027395964 CET53567021.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.754631996 CET6264553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.755300999 CET5797253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.755475998 CET6433953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET53626451.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.762113094 CET53579721.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.762876034 CET53643391.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.805608034 CET5398253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.805608034 CET6016553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.806036949 CET5949753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812279940 CET53539821.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET53601651.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812812090 CET6351153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812952042 CET5004053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.813311100 CET53594971.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.813756943 CET6167253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821301937 CET53500401.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821314096 CET53616721.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821322918 CET53635111.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821906090 CET5019553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.822150946 CET5383853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.829464912 CET53538381.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.830077887 CET53501951.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.832547903 CET6012653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.832932949 CET6369153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.839118958 CET53601261.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.839611053 CET6411953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.839942932 CET53636911.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.840311050 CET6101453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.846750975 CET53641191.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.847395897 CET53610141.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.857197046 CET4981453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.864518881 CET53498141.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.438638926 CET4975153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.445492983 CET53497511.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.446201086 CET6159053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.454081059 CET53615901.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.909966946 CET6340553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.917067051 CET53634051.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.585705996 CET5926553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.592776060 CET53592651.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.597219944 CET6321753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.604686975 CET53632171.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.605386019 CET5508253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.612037897 CET53550821.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.626427889 CET6200453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.633419037 CET53620041.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.636764050 CET4945953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.644367933 CET53494591.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.646956921 CET5640953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.654391050 CET53564091.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.547055006 CET6401853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.555151939 CET53640181.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.555653095 CET5524853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.564852953 CET53552481.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.558995008 CET53585141.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.440646887 CET4952653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.447382927 CET53495261.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.019577026 CET5886553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.028605938 CET53588651.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684923887 CET5647753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.691440105 CET53564771.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.659543037 CET5623853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.666616917 CET53562381.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.667745113 CET6230053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.674508095 CET53623001.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.486277103 CET5344453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.493592024 CET53534441.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.494704008 CET5185153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.501312017 CET53518511.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.502213001 CET6321153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.509401083 CET53632111.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.967763901 CET5308153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.975392103 CET53530811.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.068311930 CET4950653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.075136900 CET53495061.1.1.1192.168.2.6

                                                                                                                                                                                                                                                                                                                            DNS Queries

                                                                                                                                                                                                                                                                                                                            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.182782888 CET192.168.2.61.1.1.10x5a49Standard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.191323996 CET192.168.2.61.1.1.10x55baStandard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.469432116 CET192.168.2.61.1.1.10xdc2cStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.470531940 CET192.168.2.61.1.1.10xb48aStandard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.484258890 CET192.168.2.61.1.1.10x2ac3Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.496161938 CET192.168.2.61.1.1.10x3642Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.496540070 CET192.168.2.61.1.1.10xe9beStandard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.506366014 CET192.168.2.61.1.1.10xaa1bStandard query (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.006588936 CET192.168.2.61.1.1.10x5063Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.007956982 CET192.168.2.61.1.1.10xf695Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.015312910 CET192.168.2.61.1.1.10x4deStandard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.017302990 CET192.168.2.61.1.1.10x35bStandard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.026518106 CET192.168.2.61.1.1.10x807Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.329929113 CET192.168.2.61.1.1.10xed6bStandard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.330480099 CET192.168.2.61.1.1.10x338Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.338169098 CET192.168.2.61.1.1.10x4356Standard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.364878893 CET192.168.2.61.1.1.10x8ebdStandard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.365056038 CET192.168.2.61.1.1.10x4679Standard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.383925915 CET192.168.2.61.1.1.10x38faStandard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.938494921 CET192.168.2.61.1.1.10xfc2cStandard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.012379885 CET192.168.2.61.1.1.10x9735Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.032258987 CET192.168.2.61.1.1.10xffdcStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.781462908 CET192.168.2.61.1.1.10x20cStandard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.790491104 CET192.168.2.61.1.1.10xc5caStandard query (0)shavar.prod.mozaws.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.808007002 CET192.168.2.61.1.1.10x83b8Standard query (0)shavar.prod.mozaws.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.071055889 CET192.168.2.61.1.1.10xebd4Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.082256079 CET192.168.2.61.1.1.10x76cStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.094291925 CET192.168.2.61.1.1.10xa0c1Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.883563042 CET192.168.2.61.1.1.10x6ea6Standard query (0)support.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.893274069 CET192.168.2.61.1.1.10x8c86Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.901715040 CET192.168.2.61.1.1.10xf91fStandard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.959892035 CET192.168.2.61.1.1.10xdb98Standard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.982819080 CET192.168.2.61.1.1.10x654cStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.116216898 CET192.168.2.61.1.1.10xcb01Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.129729033 CET192.168.2.61.1.1.10xcf2dStandard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.137428999 CET192.168.2.61.1.1.10xa284Standard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.020611048 CET192.168.2.61.1.1.10xfdccStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.754631996 CET192.168.2.61.1.1.10xbe64Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.755300999 CET192.168.2.61.1.1.10xd097Standard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.755475998 CET192.168.2.61.1.1.10x829Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.805608034 CET192.168.2.61.1.1.10xc381Standard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.805608034 CET192.168.2.61.1.1.10x8ee4Standard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.806036949 CET192.168.2.61.1.1.10xb834Standard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812812090 CET192.168.2.61.1.1.10xccdStandard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812952042 CET192.168.2.61.1.1.10xebefStandard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.813756943 CET192.168.2.61.1.1.10x6bc3Standard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821906090 CET192.168.2.61.1.1.10x2287Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.822150946 CET192.168.2.61.1.1.10x362dStandard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.832547903 CET192.168.2.61.1.1.10xfea3Standard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.832932949 CET192.168.2.61.1.1.10xc667Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.839611053 CET192.168.2.61.1.1.10x75c4Standard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.840311050 CET192.168.2.61.1.1.10xc1dbStandard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.857197046 CET192.168.2.61.1.1.10xced0Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.438638926 CET192.168.2.61.1.1.10x7c23Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.446201086 CET192.168.2.61.1.1.10xc77bStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.909966946 CET192.168.2.61.1.1.10xf5ecStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.585705996 CET192.168.2.61.1.1.10x7e22Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.597219944 CET192.168.2.61.1.1.10x2925Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.605386019 CET192.168.2.61.1.1.10xc599Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.626427889 CET192.168.2.61.1.1.10x9e3Standard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.636764050 CET192.168.2.61.1.1.10xbb1dStandard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.646956921 CET192.168.2.61.1.1.10xcc41Standard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.547055006 CET192.168.2.61.1.1.10x62c8Standard query (0)a19.dscg10.akamai.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.555653095 CET192.168.2.61.1.1.10xa0a3Standard query (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.440646887 CET192.168.2.61.1.1.10x33e4Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.019577026 CET192.168.2.61.1.1.10x2806Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.684923887 CET192.168.2.61.1.1.10x8755Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.659543037 CET192.168.2.61.1.1.10x7c3dStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.667745113 CET192.168.2.61.1.1.10xeca5Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.486277103 CET192.168.2.61.1.1.10x2744Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.494704008 CET192.168.2.61.1.1.10xee23Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.502213001 CET192.168.2.61.1.1.10x4dccStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.967763901 CET192.168.2.61.1.1.10xc560Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.068311930 CET192.168.2.61.1.1.10x951fStandard query (0)example.orgA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                            DNS Answers

                                                                                                                                                                                                                                                                                                                            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.150583982 CET1.1.1.1192.168.2.60xe1e1No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:35.190512896 CET1.1.1.1192.168.2.60x5a49No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.476464987 CET1.1.1.1192.168.2.60xdc2cNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.476464987 CET1.1.1.1192.168.2.60xdc2cNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.476464987 CET1.1.1.1192.168.2.60xdc2cNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.477226973 CET1.1.1.1192.168.2.60xb48aNo error (0)youtube.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.491404057 CET1.1.1.1192.168.2.60x2ac3No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.503106117 CET1.1.1.1192.168.2.60x3642No error (0)youtube.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.503381968 CET1.1.1.1192.168.2.60xe9beNo error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.514153004 CET1.1.1.1192.168.2.60xaa1bNo error (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.013550997 CET1.1.1.1192.168.2.60x5063No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.014576912 CET1.1.1.1192.168.2.60xf695No error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.014576912 CET1.1.1.1192.168.2.60xf695No error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.014576912 CET1.1.1.1192.168.2.60xf695No error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.014576912 CET1.1.1.1192.168.2.60xf695No error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.021985054 CET1.1.1.1192.168.2.60x4deNo error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.021985054 CET1.1.1.1192.168.2.60x4deNo error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.024086952 CET1.1.1.1192.168.2.60x35bNo error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.336441994 CET1.1.1.1192.168.2.60xed6bNo error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.336441994 CET1.1.1.1192.168.2.60xed6bNo error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.337253094 CET1.1.1.1192.168.2.60x338No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.337253094 CET1.1.1.1192.168.2.60x338No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.337253094 CET1.1.1.1192.168.2.60x338No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.344926119 CET1.1.1.1192.168.2.60x4356No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.354617119 CET1.1.1.1192.168.2.60x1da8No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.354617119 CET1.1.1.1192.168.2.60x1da8No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.371658087 CET1.1.1.1192.168.2.60x4679No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.391052961 CET1.1.1.1192.168.2.60x38faNo error (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.945175886 CET1.1.1.1192.168.2.60xfc2cNo error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.945175886 CET1.1.1.1192.168.2.60xfc2cNo error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.945175886 CET1.1.1.1192.168.2.60xfc2cNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.018930912 CET1.1.1.1192.168.2.60x9735No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.039190054 CET1.1.1.1192.168.2.60xffdcNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.789324045 CET1.1.1.1192.168.2.60x20cNo error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.789324045 CET1.1.1.1192.168.2.60x20cNo error (0)shavar.prod.mozaws.net35.83.47.198A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.789324045 CET1.1.1.1192.168.2.60x20cNo error (0)shavar.prod.mozaws.net52.35.142.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.789324045 CET1.1.1.1192.168.2.60x20cNo error (0)shavar.prod.mozaws.net52.24.225.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.807432890 CET1.1.1.1192.168.2.60xc5caNo error (0)shavar.prod.mozaws.net52.35.142.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.807432890 CET1.1.1.1192.168.2.60xc5caNo error (0)shavar.prod.mozaws.net52.24.225.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.807432890 CET1.1.1.1192.168.2.60xc5caNo error (0)shavar.prod.mozaws.net35.83.47.198A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.079474926 CET1.1.1.1192.168.2.60xebd4No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.089157104 CET1.1.1.1192.168.2.60x76cNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.890302896 CET1.1.1.1192.168.2.60xd4aNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.890302896 CET1.1.1.1192.168.2.60xd4aNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.891926050 CET1.1.1.1192.168.2.60x6ea6No error (0)support.mozilla.orgprod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.891926050 CET1.1.1.1192.168.2.60x6ea6No error (0)prod.sumo.prod.webservices.mozgcp.netus-west1.prod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.891926050 CET1.1.1.1192.168.2.60x6ea6No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.900662899 CET1.1.1.1192.168.2.60x8c86No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.948143005 CET1.1.1.1192.168.2.60xfc74No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:42.966295004 CET1.1.1.1192.168.2.60xdb98No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.122934103 CET1.1.1.1192.168.2.60xcb01No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.122934103 CET1.1.1.1192.168.2.60xcb01No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.136333942 CET1.1.1.1192.168.2.60xcf2dNo error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.144300938 CET1.1.1.1192.168.2.60xa284No error (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.396075010 CET1.1.1.1192.168.2.60x604eNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com216.58.212.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.761312962 CET1.1.1.1192.168.2.60xbe64No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.762113094 CET1.1.1.1192.168.2.60xd097No error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.762113094 CET1.1.1.1192.168.2.60xd097No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.762876034 CET1.1.1.1192.168.2.60x829No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.762876034 CET1.1.1.1192.168.2.60x829No error (0)star-mini.c10r.facebook.com157.240.251.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812279940 CET1.1.1.1192.168.2.60xc381No error (0)star-mini.c10r.facebook.com157.240.253.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com216.58.212.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.74.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.812292099 CET1.1.1.1192.168.2.60x8ee4No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.813311100 CET1.1.1.1192.168.2.60xb834No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821301937 CET1.1.1.1192.168.2.60xebefNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821301937 CET1.1.1.1192.168.2.60xebefNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821301937 CET1.1.1.1192.168.2.60xebefNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821301937 CET1.1.1.1192.168.2.60xebefNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821314096 CET1.1.1.1192.168.2.60x6bc3No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.821322918 CET1.1.1.1192.168.2.60xccdNo error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.829464912 CET1.1.1.1192.168.2.60x362dNo error (0)twitter.com162.159.140.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.829464912 CET1.1.1.1192.168.2.60x362dNo error (0)twitter.com172.66.0.227A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.830077887 CET1.1.1.1192.168.2.60x2287No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.830077887 CET1.1.1.1192.168.2.60x2287No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.830077887 CET1.1.1.1192.168.2.60x2287No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.830077887 CET1.1.1.1192.168.2.60x2287No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.830077887 CET1.1.1.1192.168.2.60x2287No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.839118958 CET1.1.1.1192.168.2.60xfea3No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.839118958 CET1.1.1.1192.168.2.60xfea3No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.839118958 CET1.1.1.1192.168.2.60xfea3No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.839118958 CET1.1.1.1192.168.2.60xfea3No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.839942932 CET1.1.1.1192.168.2.60xc667No error (0)twitter.com162.159.140.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.445492983 CET1.1.1.1192.168.2.60x7c23No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.917067051 CET1.1.1.1192.168.2.60xf5ecNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.917067051 CET1.1.1.1192.168.2.60xf5ecNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.917067051 CET1.1.1.1192.168.2.60xf5ecNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.592776060 CET1.1.1.1192.168.2.60x7e22No error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.592776060 CET1.1.1.1192.168.2.60x7e22No error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.592776060 CET1.1.1.1192.168.2.60x7e22No error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.592776060 CET1.1.1.1192.168.2.60x7e22No error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.604686975 CET1.1.1.1192.168.2.60x2925No error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.604686975 CET1.1.1.1192.168.2.60x2925No error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.604686975 CET1.1.1.1192.168.2.60x2925No error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.604686975 CET1.1.1.1192.168.2.60x2925No error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.612037897 CET1.1.1.1192.168.2.60xc599No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.612037897 CET1.1.1.1192.168.2.60xc599No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.612037897 CET1.1.1.1192.168.2.60xc599No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.612037897 CET1.1.1.1192.168.2.60xc599No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.633419037 CET1.1.1.1192.168.2.60x9e3No error (0)normandy.cdn.mozilla.netnormandy.tombstone.experimenter.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.633419037 CET1.1.1.1192.168.2.60x9e3No error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:04.644367933 CET1.1.1.1192.168.2.60xbb1dNo error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.545908928 CET1.1.1.1192.168.2.60x1e9eNo error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.545908928 CET1.1.1.1192.168.2.60x1e9eNo error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.545908928 CET1.1.1.1192.168.2.60x1e9eNo error (0)a17.rackcdn.com.mdc.edgesuite.neta19.dscg10.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.545908928 CET1.1.1.1192.168.2.60x1e9eNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.545908928 CET1.1.1.1192.168.2.60x1e9eNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.555151939 CET1.1.1.1192.168.2.60x62c8No error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.555151939 CET1.1.1.1192.168.2.60x62c8No error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.564852953 CET1.1.1.1192.168.2.60xa0a3No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.564852953 CET1.1.1.1192.168.2.60xa0a3No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.447382927 CET1.1.1.1192.168.2.60x33e4No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.447382927 CET1.1.1.1192.168.2.60x33e4No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.447382927 CET1.1.1.1192.168.2.60x33e4No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:34.682610035 CET1.1.1.1192.168.2.60x22No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:03.666616917 CET1.1.1.1192.168.2.60x7c3dNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.493592024 CET1.1.1.1192.168.2.60x2744No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.501312017 CET1.1.1.1192.168.2.60xee23No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.975392103 CET1.1.1.1192.168.2.60xc560No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.975392103 CET1.1.1.1192.168.2.60xc560No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.975392103 CET1.1.1.1192.168.2.60xc560No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.075136900 CET1.1.1.1192.168.2.60x951fNo error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.075136900 CET1.1.1.1192.168.2.60x951fNo error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.075136900 CET1.1.1.1192.168.2.60x951fNo error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.075136900 CET1.1.1.1192.168.2.60x951fNo error (0)example.org96.7.128.186A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                            HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                            • detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            • ciscobinary.openh264.org

                                                                                                                                                                                                                                                                                                                            HTTP Packets

                                                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                            0192.168.2.64970134.107.221.82806668C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.511706114 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:37.956130028 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 06:34:29 GMT
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Age: 22208
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                            1192.168.2.64970534.107.221.82806668C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.351847887 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:38.817953110 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33497
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success


                                                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                            2192.168.2.64971134.107.221.82806668C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.410554886 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:39.874206066 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37911
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.360578060 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.459770918 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37912
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.778458118 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.877391100 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37912
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.111897945 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:43.210572004 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37915
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.388349056 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.487473965 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37919
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.017806053 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:48.116715908 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37920
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.650981903 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.749408007 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37921
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.456645966 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:52.555476904 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37924
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.573127985 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:02.910254955 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:03.008832932 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37934
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.042213917 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.146065950 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37937
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.535789967 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.634443998 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37937
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.527360916 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.625636101 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37939
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:17.636784077 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.440299034 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.539119959 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37954
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.513739109 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.613051891 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37955
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:33.614715099 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.199084997 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.298275948 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37967
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.731280088 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.831538916 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37967
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:45.846703053 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:55.992451906 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.132955074 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.231631994 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 37996
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:14.245356083 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:24.256326914 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:34.269257069 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:44.287739992 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:54.293256044 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:24.967545033 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.067111969 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 90
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 02:12:48 GMT
                                                                                                                                                                                                                                                                                                                            Age: 38077
                                                                                                                                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                            Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                            3192.168.2.64971534.107.221.82806668C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.245424986 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache


                                                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                            4192.168.2.64971634.107.221.82806668C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:40.702047110 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache


                                                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                            5192.168.2.64971834.107.221.82806668C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.066124916 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:41.513614893 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33500
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:46.257617950 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:46.353322983 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33505
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.525299072 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:47.620413065 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33506
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.642687082 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:49.737828016 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33508
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.701289892 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:51.796278000 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33510
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:53.402575016 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:44:53.497395039 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33512
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:03.012227058 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:03.107214928 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33522
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.149013996 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.244040966 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33524
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.637500048 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.732866049 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33524
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.633430958 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:07.728344917 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33526
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:17.737021923 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.542141914 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:22.636986017 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33541
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.615983963 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:23.710958004 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33542
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:33.715147972 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.301618099 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.397687912 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33554
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.861394882 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:35.956695080 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33554
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:45.962603092 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:55.992454052 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.235742092 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:04.331546068 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33583
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:14.345663071 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:24.356079102 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:34.369587898 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:44.387953043 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:46:54.394202948 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:04.405667067 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                            Data Ascii:
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.070964098 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Pragma: no-cache
                                                                                                                                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:47:25.166706085 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Server: nginx
                                                                                                                                                                                                                                                                                                                            Content-Length: 8
                                                                                                                                                                                                                                                                                                                            Via: 1.1 google
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 03:26:21 GMT
                                                                                                                                                                                                                                                                                                                            Age: 33664
                                                                                                                                                                                                                                                                                                                            Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                            Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                            Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                            Data Ascii: success


                                                                                                                                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                            6192.168.2.6497422.22.61.56806668C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:05.553833961 CET305OUTGET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
                                                                                                                                                                                                                                                                                                                            Host: ciscobinary.openh264.org
                                                                                                                                                                                                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                            Accept: */*
                                                                                                                                                                                                                                                                                                                            Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.162405968 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                            Content-Length: 453023
                                                                                                                                                                                                                                                                                                                            Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                            Last-Modified: Wed, 12 Mar 2025 04:19:28 GMT
                                                                                                                                                                                                                                                                                                                            ETag: 85430baed3398695717b0263807cf97c
                                                                                                                                                                                                                                                                                                                            X-Timestamp: 1741753167.65917
                                                                                                                                                                                                                                                                                                                            Content-Type: application/zip
                                                                                                                                                                                                                                                                                                                            X-Trans-Id: tx8010bf916ad24497ab4a8-0067d34aa4dfw1
                                                                                                                                                                                                                                                                                                                            Cache-Control: public, max-age=116995
                                                                                                                                                                                                                                                                                                                            Expires: Sun, 16 Mar 2025 21:15:01 GMT
                                                                                                                                                                                                                                                                                                                            Date: Sat, 15 Mar 2025 12:45:06 GMT
                                                                                                                                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                                                                                                                                            Data Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                            Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`q'+h*m{zo_{w$($A!|LB&A2s{DdcUU9uSKl`/d-|&9wnxi#O+Yl+,33f\cSSS,NGGF'&:'KZ&>@gMM`*ZR^jgGKbo~va<Z1.#OeDXi$imBWQ&P,M,:c-\*-iKI4a6*Ov=WFCH>a'x#@fdu1OV1o}g5_3JHiZipM.bZ%GF/3qJo%gN*})3N%!q*^Im~6#~+AI]rx*<IYjp0`SM@Ef=;!@EE 0nJdduM-qIlRz=}rDXLZx$|c1cUkM&Qn]a]th*!6 7JdDvKJ"Wgd*%nwJniinmr@M$'Zs#)%
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.162452936 CET1236INData Raw: bd c1 52 73 bd a7 3a 09 68 e9 f5 eb 80 14 52 9c 01 ad ef 5c 1f 81 74 b2 36 16 12 27 91 67 cc 95 dc 09 0f a4 8b f3 f0 8f 55 6a 2b 46 bd 63 72 3a 7c 07 a7 21 9f 8a 4b e1 57 c6 59 13 b3 a0 31 37 a6 b8 aa ad b8 02 2c f5 8a b6 e2 72 f1 b1 8a e5 ad c5
                                                                                                                                                                                                                                                                                                                            Data Ascii: Rs:hR\t6'gUj+Fcr:|!KWY17,r>N3RY_\IrDNJdM k&V-z%-Di&672T)>0%&;`Zc,)T;jI~yRr&=V4C|-h(*dIUkq9[d
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.162507057 CET448INData Raw: 76 05 c4 dc 61 8a ee 89 36 03 dd 1b 08 cd 40 d9 ea 04 bd 6e 44 fc 07 c7 c5 f9 37 23 49 13 20 6b 79 26 c2 ef b5 cf c4 f9 36 c0 ee 95 21 56 4f bf 34 ab 1d 51 ac fe f7 81 91 58 5d 54 d5 5a 44 59 dd bb 12 e9 2b 02 56 4f 8f 9f b8 ad c8 db ba c2 58 de
                                                                                                                                                                                                                                                                                                                            Data Ascii: va6@nD7#I ky&6!VO4QX]TZDY+VOXrm!m%R4Re"*2Xohu}G9gVP8ghhlW4CUR7wv$Y`X%k|h``\"^w\>(y':@V6
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.163906097 CET1236INData Raw: 65 e2 0d ce 32 21 19 aa db 2d d7 98 d0 d6 7e 3b ca d6 1a a8 31 35 44 db da 9b c0 63 78 25 ec 31 3c a4 ce da e1 9a 60 76 3f 50 67 39 d5 2d 33 f9 3b a3 fc 87 b9 21 0f 42 0a 7b 10 2a 72 31 84 fc a6 4b 22 af ce f4 a7 46 a3 4a 8d 41 85 e3 2f c5 74 2b
                                                                                                                                                                                                                                                                                                                            Data Ascii: e2!-~;15Dcx%1<`v?Pg9-3;!B{*r1K"FJA/t+j72~coyFG1lARYJoiwDJ+ujuDHYl(deTeIzG`TNjhb[NjHT$S.v*Rh(5;|3ph{v::
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.163942099 CET1236INData Raw: 7f b5 c6 f8 af a3 3f bd 4a fe eb 73 89 97 f6 df 2a 13 43 f4 c5 5a 8a 72 8e 77 c1 3a 1f dd fd 44 dd e9 b4 48 8c b5 02 56 b1 09 ab 0c 8d f3 4b 9d f2 23 12 67 7a 2a cf 29 2f 31 01 cd d9 52 38 38 29 cf b4 3a 15 97 c5 86 fb 02 67 3e 87 79 53 9e 67 6e
                                                                                                                                                                                                                                                                                                                            Data Ascii: ?Js*CZrw:DHVK#gz*)/1R88):g>ySgnX-P16E)XA!^8>9"Z[Q&%>+xFz^XCWr_-j&(CFSHy+IOJ}Oqc$FZz+a yj$j'8+e
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.163978100 CET448INData Raw: 62 59 a1 3a 30 da 1f c7 46 38 f7 c6 ae b7 e7 c5 9f 5d a8 36 5f d5 9d 87 6c ad 47 1b 46 c6 e7 3b 33 98 32 52 3c 2a 7c ff bd 41 4d 6d c3 e7 1d cc 76 b2 cb 49 da 24 b2 93 ee 1d dc b1 15 a7 08 df 1f 0f a0 b9 ab d2 f6 0e 3e 2d d7 34 b2 0c b5 d2 2c 92
                                                                                                                                                                                                                                                                                                                            Data Ascii: bY:0F8]6_lGF;32R<*|AMmvI$>-4,*kx@<w LP#a=5;byI bIj+pB1\X*%]"^\no%S<ov|2z_gOg/n}{6{ED$Y'1ZHBF
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.166526079 CET1236INData Raw: 5d a9 21 56 d8 03 7a ff 68 27 e9 2b 01 43 fe 1e e8 be 9d f4 df af a4 af 13 dc ab df cd 66 6a 36 39 14 e3 bb 20 48 d9 0e 79 f5 bb 79 0e 79 ce bb b6 9c b3 95 1b e4 82 cd c8 cf 42 b6 60 1d f8 84 06 59 ff aa db f3 05 d1 49 f2 2a 83 54 a1 df cc b6 48
                                                                                                                                                                                                                                                                                                                            Data Ascii: ]!Vzh'+Cfj69 HyyyB`YI*THl3*X)uugr#p<I0}UhQAg4o|B%[XG!\(r7KGfKWj4n&(\Lrb>/rsj|~j
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.166559935 CET1236INData Raw: 0e 58 3d bd ec 65 3b 48 7b e8 78 63 24 de 92 1d 7e be 44 d6 a9 15 9b d7 6d ab c2 5d 24 ae 6e 3d fc 6d e8 52 b2 92 dd db 75 a2 fc a2 0b f7 d0 f2 df 71 99 c9 52 3c d7 9b 78 ff 2c b4 b8 6a 9c cf f7 c4 1f 92 19 f2 5f 58 45 4e 02 55 af 5e a0 41 71 cd
                                                                                                                                                                                                                                                                                                                            Data Ascii: X=e;H{xc$~Dm]$n=mRuqR<x,j_XENU^Aq+95d>wszk*nfoj{>#_D]}$gzm"b]{5>I? aT=t*_sPQFM{_>6!kF&9U5D
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.166593075 CET448INData Raw: 8e 80 f1 d6 7f 38 46 eb 3f 1c 23 ff 8f c5 d8 58 38 5e ff 5a c1 75 dc f3 45 f8 0e 91 4d 9e 26 d6 b0 8e 91 b8 7f 6f e3 dc b9 f8 7a 11 3a 17 65 de e0 6e 61 b5 ee 2c 6c 8a cc 0d 47 e8 dc f0 f5 04 cb 7d 84 8d e9 d1 3f 18 23 41 f5 49 58 9d e6 3d a2 a3
                                                                                                                                                                                                                                                                                                                            Data Ascii: 8F?#X8^ZuEM&oz:ena,lG}?#AIX=)lWhn)U1o+dw~`#z=W,3&7`kG)EdnjT3sTF?/0'^kuQD=8d^[Q*WdHhP7
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.169110060 CET1236INData Raw: 99 ab a9 73 7e 10 21 b3 7f 3f 98 f2 0a 83 52 f4 85 bb f5 bc aa 6a d7 51 ff 65 c7 5c 50 b5 82 5a 91 f4 f0 81 9a 55 64 d0 ef fc ca 7e cc f3 73 23 7e 8c 48 1d 19 ee c5 3a 8d db 47 a8 2d e9 db 05 d9 82 0d 5c dd 12 50 df 82 cf b9 ba 47 f0 9a c5 d5 cd
                                                                                                                                                                                                                                                                                                                            Data Ascii: s~!?RjQe\PZUd~s#~H:G-\PGk_H?ff)\{ZL$Ney?u2,qe|+WJx@W9h.k,s)]d{ q{;bl@,S/(^z1
                                                                                                                                                                                                                                                                                                                            Mar 15, 2025 13:45:06.169162989 CET1236INData Raw: 54 88 af 6b 46 21 96 c5 bc 17 f8 0b 33 f5 a2 5c 8c f3 a5 7a 0f eb 92 0f 50 32 86 fd 65 5b 30 c8 b2 e7 30 e0 fb 80 1a be 7d a4 46 35 7c d3 69 08 ed 2b a1 bc e9 40 0c 46 75 4f b0 5b 0d 12 e4 5d 29 77 a0 15 ab 42 4b 58 cd 29 e9 2f 53 ed 53 3b ff 20
                                                                                                                                                                                                                                                                                                                            Data Ascii: TkF!3\zP2e[00}F5|i+@FuO[])wBKX)/SS; <NEfql]M.dRro7/tk>)0(k"?1!cY[D8w5U:1|hEfwS"'<^`c7


                                                                                                                                                                                                                                                                                                                            Statistics

                                                                                                                                                                                                                                                                                                                            CPU Usage

                                                                                                                                                                                                                                                                                                                            Click to jump to process

                                                                                                                                                                                                                                                                                                                            Memory Usage

                                                                                                                                                                                                                                                                                                                            Click to jump to process

                                                                                                                                                                                                                                                                                                                            High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                            Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                            Behavior

                                                                                                                                                                                                                                                                                                                            Click to jump to process

                                                                                                                                                                                                                                                                                                                            System Behavior

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:0
                                                                                                                                                                                                                                                                                                                            Start time:08:44:27
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Users\user\Desktop\random.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                            Commandline:"C:\Users\user\Desktop\random.exe"
                                                                                                                                                                                                                                                                                                                            Imagebase:0x910000
                                                                                                                                                                                                                                                                                                                            File size:966'144 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:7B263841E989D2A9F7D156E74CB36E6F
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:2
                                                                                                                                                                                                                                                                                                                            Start time:08:44:28
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                            Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                            Imagebase:0x1a0000
                                                                                                                                                                                                                                                                                                                            File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:3
                                                                                                                                                                                                                                                                                                                            Start time:08:44:28
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff68dae0000
                                                                                                                                                                                                                                                                                                                            File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:5
                                                                                                                                                                                                                                                                                                                            Start time:08:44:30
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                            Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                            Imagebase:0x1a0000
                                                                                                                                                                                                                                                                                                                            File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:6
                                                                                                                                                                                                                                                                                                                            Start time:08:44:30
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff68dae0000
                                                                                                                                                                                                                                                                                                                            File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:7
                                                                                                                                                                                                                                                                                                                            Start time:08:44:30
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                            Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                            Imagebase:0x1a0000
                                                                                                                                                                                                                                                                                                                            File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:8
                                                                                                                                                                                                                                                                                                                            Start time:08:44:30
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff68dae0000
                                                                                                                                                                                                                                                                                                                            File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:9
                                                                                                                                                                                                                                                                                                                            Start time:08:44:31
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                            Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                            Imagebase:0x1a0000
                                                                                                                                                                                                                                                                                                                            File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:10
                                                                                                                                                                                                                                                                                                                            Start time:08:44:31
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff68dae0000
                                                                                                                                                                                                                                                                                                                            File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:11
                                                                                                                                                                                                                                                                                                                            Start time:08:44:31
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                            Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                            Imagebase:0x1a0000
                                                                                                                                                                                                                                                                                                                            File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:12
                                                                                                                                                                                                                                                                                                                            Start time:08:44:31
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff68dae0000
                                                                                                                                                                                                                                                                                                                            File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Reputation:high
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:13
                                                                                                                                                                                                                                                                                                                            Start time:08:44:31
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6b7570000
                                                                                                                                                                                                                                                                                                                            File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:14
                                                                                                                                                                                                                                                                                                                            Start time:08:44:31
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6b7570000
                                                                                                                                                                                                                                                                                                                            File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:15
                                                                                                                                                                                                                                                                                                                            Start time:08:44:31
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6b7570000
                                                                                                                                                                                                                                                                                                                            File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:16
                                                                                                                                                                                                                                                                                                                            Start time:08:44:33
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2244 -prefMapHandle 2232 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b56de95-3d03-447b-aebc-420301f26c63} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234c096dd10 socket
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6b7570000
                                                                                                                                                                                                                                                                                                                            File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:17
                                                                                                                                                                                                                                                                                                                            Start time:08:44:34
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2996 -parentBuildID 20230927232528 -prefsHandle 4160 -prefMapHandle 4184 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e94fe24-f142-4e80-9844-43b6caeb734a} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d2e95810 rdd
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6b7570000
                                                                                                                                                                                                                                                                                                                            File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:23
                                                                                                                                                                                                                                                                                                                            Start time:08:44:42
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5028 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1560 -prefMapHandle 5020 -prefsLen 33076 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f2f0818-bfdf-4269-8b0b-5d127bd07733} 6668 "\\.\pipe\gecko-crash-server-pipe.6668" 234d9b5dd10 utility
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6b7570000
                                                                                                                                                                                                                                                                                                                            File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:25
                                                                                                                                                                                                                                                                                                                            Start time:08:44:47
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6b7570000
                                                                                                                                                                                                                                                                                                                            File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                            Target ID:26
                                                                                                                                                                                                                                                                                                                            Start time:08:44:47
                                                                                                                                                                                                                                                                                                                            Start date:15/03/2025
                                                                                                                                                                                                                                                                                                                            Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                            Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
                                                                                                                                                                                                                                                                                                                            Imagebase:0x7ff6b7570000
                                                                                                                                                                                                                                                                                                                            File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                            MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                                                                                                                                            Disassembly

                                                                                                                                                                                                                                                                                                                            Reset < >